CVE-2023-39533 and other vulnerabilities in go 1.20.4. can you upgrade to go 1.20.7? #199
Comments
|
@nerdeveloper wondering if you can take a look? |
|
@czhujer @scbizu @nerdeveloper any thoughts on this? This would be huge for my company, which puts a big emphasis on security. |
|
yes, we should bump version fo golang :) also bump helm package to 3.13 will good. Maybe we should switch also yaml package check this: ghodss/yaml#81 |
|
@czhujer thanks so much!!! |
|
Yes, it would be greatly appreciated if all the open update PRs from dependaBot would make into a release soon. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi there, we use helm-push at the company where I work. This library depends on a go 1.20.4, which has known vulnerabilities. Is it possible to upgrade to go 1.20.7? I will take a look and see what it takes to upgrade.
The text was updated successfully, but these errors were encountered: