Skip to content

Commit

Permalink
chore: update golang.org/x/text (CVE-2021-38561)
Browse files Browse the repository at this point in the history 
Whilst xdg-go/stringprep itself is unlikely to be affected (as the CVE
is in the parse done in x/text/language rather than on the normalisation
codepath) it has a high CVSS scoring and can hence cause false positives
in applications making use of xdg-go that pull in the older version
unless they use replace directives

https://pkg.go.dev/vuln/GO-2021-0113
  • Loading branch information
@dnwe @xdg
dnwe authored and xdg committed Mar 2, 2022
1 parent 4fcaaf1 commit 544ab23
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,4 +2,4 @@ module github.com/xdg-go/stringprep

go 1.11

require golang.org/x/text v0.3.5
require golang.org/x/text v0.3.7
4 changes: 2 additions & 2 deletions go.sum
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
golang.org/x/text v0.3.5 h1:i6eZZ+zk0SOf0xgBpEpPD18qWcJda6q1sxt3S0kzyUQ=
golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=

0 comments on commit 544ab23

Please sign in to comment.