Skip to content

v5.13.1-rc5

@probelabs probelabs tagged this 29 Jun 15:28
## Problem / Task
Bump `github.com/aws/aws-sdk-go-v2/service/s3` to `v1.97.3` to fix CVE
GHSA-xmrv-pmrh-hhx2 (aws-sdk-go-v2 eventstream DoS).
Resolves TT-17637.

Requested by: U3P2L4XNE
Slack thread: https://slack.com/archives/C0ATZQCMG58/p1782736352621879

## Changes
- Updated `github.com/aws/aws-sdk-go-v2/service/s3` to `v1.97.3` in
`go.mod`
- Added blank import for `github.com/aws/aws-sdk-go-v2/service/s3` in
`ee/middleware/streams/stream.go` to ensure it survives `go mod tidy`
- Ran `go mod tidy`

## Testing
- Verified `go build -o tyk` succeeds

Co-authored-by: Leonid Bugaev <leonsbox@gmail.com>
Assets 2
Loading