crane: Bump Go version from 1.18 to 1.19/1.20 #1785
Labels
bug
Something isn't working
Comments
|
Can we get a high prio for this? |
|
Any update on this issue? |
|
Adding one more vunerability to this issue : CVE-2023-39323 |
|
Hi Team, when we would expect for these changes to be released |
|
Team, I could see changes are pushed for this issue, but when can we expect a new release with these changes. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Vulnerability scanner over Crane binary is reporting multiple vulnerabilities because of Go version 1.18.10 and the fix is available in 1.20.5, 1.19.10
List of vulnerabilities reported are :
CVE-2023-39533
CVE-2023-29405
CVE-2023-24539
CVE-2023-24536
CVE-2023-29400
CVE-2023-24538
CVE-2022-41723
CVE-2023-29404
CVE-2023-29403
CVE-2023-24540
CVE-2023-29406
CVE-2023-24532
CVE-2023-29409
Crane version used: v0.16.1
Resolution: Bump Go version to either 1.20/1.19
The text was updated successfully, but these errors were encountered: