Update go toolchain to 1.22.6 [CVE-2024-24790 - 9.8 CVSS] by snowamk · Pull Request #1577 · fluxcd/source-controller
Navigation Menu
{{ message }}
fluxcd / source-controller Public
- Notifications You must be signed in to change notification settings
- Fork 231
Closed
Update go toolchain to 1.22.6 [CVE-2024-24790 - 9.8 CVSS]#1577
snowamk wants to merge 1 commit intofluxcd:mainfrom
Update go toolchain to 1.22.6 [CVE-2024-24790 - 9.8 CVSS]#1577
snowamk wants to merge 1 commit intofluxcd:mainfrom
Conversation
Copy link Copy Markdown
snowamk
commented
Aug 14, 2024
snowamk
commented
To fix https://nvd.nist.gov/vuln/detail/CVE-2024-24790 / https://pkg.go.dev/vuln/GO-2024-2887
Full disclosure: Running into some issues with the tests timing out, but I'm hoping it's just my laptop cosplaying as a toaster and it'll run fine on your CI : /
To fix https://nvd.nist.gov/vuln/detail/CVE-2024-24790 / https://pkg.go.dev/vuln/GO-2024-2887 Signed-off-by: Ali Mehrabi Koshki <ali.mehrabikoshki@servicenow.com>
Copy link Copy Markdown
Member
stefanprodan
commented
Aug 14, 2024
stefanprodan commented
Aug 14, 2024There is no need to bump the Go version in go.mod, when we will be releasing the controller we'll be using Go 1.23
stefanprodan
closed this
Copy link Copy Markdown
Author
snowamk
commented
Aug 15, 2024
snowamk commented
Aug 15, 2024Thanks @stefanprodan - any rough timeline for when the next image will be released with 1.23?
Copy link Copy Markdown
Member
stefanprodan
commented
Aug 15, 2024
stefanprodan commented
Aug 15, 2024Some weeks from now, when all things on the roadmap for Flux 2.4 will be finished https://fluxcd.io/roadmap/#v24-q3-2024
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
2 participants