Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Switch uuid package #108

Merged
merged 1 commit into from
Apr 17, 2022
Merged

Switch uuid package #108

merged 1 commit into from
Apr 17, 2022

Conversation

arnested
Copy link
Owner

@arnested arnested commented Apr 17, 2022

Use github.com/google/uuid instead of github.com/satori/go.uuid.

The latter has a vulnerability, GO-2020-0018. Although fixed in master (satori/go.uuid#75), a release has never been tagged.

Use github.com/google/uuid instead of github.com/satori/go.uuid.

The latter has a vulnerability, [GO-2020-0018](https://pkg.go.dev/vuln/GO-2020-0018). Although fixed in master, a release has never been tagged.
@arnested arnested merged commit c3ecd91 into main Apr 17, 2022
@arnested arnested deleted the fix/GO-2020-0018 branch April 17, 2022 19:02
@arnested
Copy link
Owner Author

Just for the record: The vulnerability in github.com/satori/go.uuid had no security impact on ssh2iterm2.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant