Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[20.10] update to go 1.16.15 to address CVE-2022-24921 #43326

Merged
merged 1 commit into from Mar 4, 2022

Conversation

thaJeztah
Copy link
Member

@thaJeztah thaJeztah commented Mar 4, 2022

Addresses CVE-2022-24921

go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax package,
as well as bug fixes to the compiler, runtime, the go command, and to the net package.
See the Go 1.16.15 milestone on the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.16.15+label%3ACherryPickApproved

full diff: golang/go@go1.16.14...go1.16.15

- Description for the changelog

- A picture of a cute animal (not mandatory but encouraged)

Addresses [CVE-2022-24921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24921)

go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax package,
as well as bug fixes to the compiler, runtime, the go command, and to the net package.
See the Go 1.16.15 milestone on the issue tracker for details:

https://github.com/golang/go/issues?q=milestone%3AGo1.16.15+label%3ACherryPickApproved

full diff: golang/go@go1.16.14...go1.16.15

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
ndeloof
ndeloof approved these changes Mar 4, 2022
tianon
tianon approved these changes Mar 4, 2022
@samuelkarp samuelkarp merged commit 409d7ac into moby:20.10 Mar 4, 2022
2 checks passed
@thaJeztah thaJeztah deleted the 20.10_bump_go_1.16.15 branch Mar 4, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

4 participants