Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade golang.org/x/net for security fix #1008

Merged
merged 2 commits into from Jun 1, 2021
Merged

Upgrade golang.org/x/net for security fix #1008

merged 2 commits into from Jun 1, 2021

Conversation

miquella
Copy link
Contributor

Change Overview

The Go team announced a security vulnerability in the golang.org/x/net/html package. The vulnerability allowed an attacker to craft an input to ParseFragment that would cause it to enter an infinite loop, causing a denial of service.

This issue has been addressed in version v0.0.0-20210520170846-37e1c6afe023 of the golang.org/x/net module.

Tracking ID: CVE-2021-33194
Announcement: https://groups.google.com/g/golang-announce/c/wPunbCPkWUg

Pull request type

  • πŸ› Bugfix

Issues

  • N/A

Test Plan

N/A

  • πŸ’ͺ Manual
  • ⚑ Unit test
  • πŸ’š E2E

@miquella
Upgrade golang.org/x/net for security fix
d81f2a5 
The Go team announced a security vulnerability in the
golang.org/x/net/html package. The vulnerability allowed an attacker to
craft an input to ParseFragment that would cause it to enter an
infinite loop, causing a denial of service.

This issue has been addressed in version
v0.0.0-20210520170846-37e1c6afe023 of the golang.org/x/net module.

Tracking ID: CVE-2021-33194
Announcement: https://groups.google.com/g/golang-announce/c/wPunbCPkWUg
@miquella
Copy link
Contributor Author

miquella commented Jun 1, 2021

Thanks for looking at this, @vkamra and @julio-lopez! πŸ™‡

@miquella miquella added the kueue label Jun 1, 2021
@mergify mergify bot merged commit e991690 into master Jun 1, 2021
@mergify mergify bot deleted the upgrade-golang-x-net branch June 1, 2021 22:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vkamra vkamra vkamra approved these changes

@julio-lopez julio-lopez julio-lopez approved these changes

@pavannd1 pavannd1 Awaiting requested review from pavannd1

Assignees
No one assigned
Labels
kueue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@miquella @vkamra @julio-lopez