Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump go toolchain version to address CVE-2023-45288 for release-1.3 #713

Merged
merged 2 commits into from
Apr 5, 2024
Merged

Bump go toolchain version to address CVE-2023-45288 for release-1.3 #713

merged 2 commits into from
Apr 5, 2024

Commits on Apr 5, 2024

  1. Bump go toolchain version to address CVE-2023-45288 

    Changes:
- Bump toolchain version to 1.21.9 due to CVE-2023-45288
- run `go mod tidy`

Reference:
- PR etcd #17703

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
    @henrybear327
    henrybear327 committed Apr 5, 2024
    Configuration menu
    Copy the full SHA
    0b59bc1 View commit details
    Browse the repository at this point in the history

  2. Address linter issues 

    Changes (align with the main branch):
- remove rand.Seed(s)
- use rand.Read from "crypto/rand"
- add //nolint:all for (*reflect.SliceHeader)(slice) -> will fix in a 
follow-up PR

Signed-off-by: Chun-Hung Tseng <henrybear327@gmail.com>
Co-authored-by: Iván Valdés Castillo <iv@nvald.es>
    @henrybear327 @ivanvc
    henrybear327 and ivanvc committed Apr 5, 2024
    Configuration menu
    Copy the full SHA
    9b60c13 View commit details
    Browse the repository at this point in the history