Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix viper CVE #1985

Merged
Merged

Conversation

mohitsharma-in
Copy link
Contributor

@mohitsharma-in mohitsharma-in commented Aug 26, 2024

What this PR does / why we need it:

Which issue(s) this PR fixes

Special notes for your reviewer:

Release note:

Fixes gRPC-Go HTTP/2 vulnerability: CVE-2023-44487

Copy link
Member

@nikhita nikhita left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like the github actions require approval before they run (which is weird and should be fixed later...)

Screenshot 2024-08-26 at 12 24 25 PM

@nikhita
Copy link
Member

nikhita commented Aug 26, 2024

@mohitsharma-in looks like go mod tidy failed. Can you please update and fix?

Signed-off-by: Mohit Sharma <[email protected]>
@mohitsharma-in mohitsharma-in force-pushed the topic/mohitsh/viper-cve-fix branch from ad025f1 to 8e7bc2c Compare August 26, 2024 07:10
@mohitsharma-in
Copy link
Contributor Author

@mohitsharma-in looks like go mod tidy failed. Can you please update and fix?

Done it

@nikhita nikhita merged commit f060fe6 into vmware-tanzu:main Aug 26, 2024
20 checks passed
@nikhita nikhita mentioned this pull request Aug 29, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

gRPC-Go HTTP/2 vulnerability
2 participants