Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fixing CVE-2022-28948 #59

Closed
wants to merge 1 commit into from
Closed

Conversation

uname223
Copy link

Updates gopkg.in/yaml.v3 to v3.0.0 to fix CVE-2022-28948.
Refer to go-yaml/yaml#666.

@CLAassistant
Copy link

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.


uname223 seems not to be a GitHub user. You need a GitHub account to be able to sign the CLA. If you have already a GitHub account, please add the email address used for this commit to your account.
You have signed the CLA already but the status is still pending? Let us recheck it.

@abhinav
Copy link
Collaborator

abhinav commented May 27, 2022

Thanks for the contribution, @uname223!
Please sign the CLA, and we can merge this as soon as the build passes.
Thanks!

@codecov
Copy link

codecov bot commented May 27, 2022

Codecov Report

Merging #59 (ced3af7) into master (f46d400) will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff            @@
##            master       #59   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            1         1           
  Lines          108       108           
=========================================
  Hits           108       108           

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f46d400...ced3af7. Read the comment docs.

abhinav added a commit that referenced this pull request May 31, 2022
@abhinav abhinav mentioned this pull request May 31, 2022
@abhinav
Copy link
Collaborator

abhinav commented May 31, 2022

Superseded by #60 since the CLA wasn't signed.

@abhinav abhinav closed this May 31, 2022
abhinav added a commit that referenced this pull request May 31, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants