Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update golang.org/x/net to fix CVE-2023-45288 #452

Closed
waqasabdul opened this issue Apr 19, 2024 · 2 comments
Closed

Update golang.org/x/net to fix CVE-2023-45288 #452

waqasabdul opened this issue Apr 19, 2024 · 2 comments

Comments

@waqasabdul
Copy link

The golang.org/x/net (v0.21.0) shipped in latest release v0.1.2 https://github.com/Azure/kubelogin/releases/tag/v0.1.2 has a vulnerability CVE-2023-45288.

It can be resolved by updating golang.org/x/net to 0.23.0
@bcho
Copy link
Member

bcho commented Apr 20, 2024

hi thanks for reporting, I just merged #451 for mitigating this CVE. Will prepare a new release on next Monday. cc @weinong

@bcho
Copy link
Member

bcho commented Apr 23, 2024

We just published the https://github.com/Azure/kubelogin/releases/tag/v0.1.3 with the fix of x/net, PTAL

@bcho bcho closed this as completed Apr 23, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@waqasabdul @bcho