You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Version bump has been merged for the crypto dep. This will go out in our next release which will be early/middle of January as we are currently in a holiday release freeze.
@jackwotherspoon thank you for the prompt fix and clear response. I just wanted to let you know that your attention to detail for these open source proxy repositories is a big part of why our team remains confident in using Google Cloud SQL.
Bug Description
This pins
golang.org/x/crypto v0.16.0
which is vulnerable to GHSA-45x7-px36-x8w8 / CVE-2023-48795Please merge #2077 to upgrade the dependency.
Example code (or command)
No response
Stacktrace
No response
Steps to reproduce?
Environment
focal
on a Google Cloud Workstation)cloud-sql-proxy version 2.8.1+container
Additional Details
No response
The text was updated successfully, but these errors were encountered: