diff options
| author | silverwind <me@silverwind.io> | 2024-04-05 04:45:59 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-04-05 02:45:59 +0000 |
| commit | 95504045cceee9d60ff5d2eeb32cd30213b52322 (patch) | |
| tree | 80fc6c4a8d3a20027166f7a2ea6b8737ea1e6f5b /go.mod | |
| parent | 07bcfc171bcccfe78a86c7b4b3f9b729ba7d60b6 (diff) | |
| download | gitea-95504045cceee9d60ff5d2eeb32cd30213b52322.tar.gz gitea-95504045cceee9d60ff5d2eeb32cd30213b52322.zip | |
Upgrade `golang.org/x/net` to v0.24.0 (#30283)
Result of `go get -u golang.org/x/net; make tidy`.
This is related to the following vulncheck warning:
```
There are 2 vulnerabilities in modules that you require that are
neither imported nor called. You may not need to take any action.
See https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck for details.
Vulnerability #1: GO-2024-2687
HTTP/2 CONTINUATION flood in net/http
More info: https://pkg.go.dev/vuln/GO-2024-2687
Module: golang.org/x/net
Found in: golang.org/x/net@v0.22.0
Fixed in: golang.org/x/net@v0.23.0
Vulnerability #2: GO-2022-0470
No access control in github.com/blevesearch/bleve and bleve/v2
More info: https://pkg.go.dev/vuln/GO-2022-0470
Module: github.com/blevesearch/bleve/v2
Found in: github.com/blevesearch/bleve/v2@v2.3.10
Fixed in: N/A
```
Diffstat (limited to 'go.mod')
| -rw-r--r-- | go.mod | 6 |
1 files changed, 3 insertions, 3 deletions
@@ -105,11 +105,11 @@ require ( github.com/yuin/goldmark v1.7.0 github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc github.com/yuin/goldmark-meta v1.1.0 - golang.org/x/crypto v0.21.0 + golang.org/x/crypto v0.22.0 golang.org/x/image v0.15.0 - golang.org/x/net v0.22.0 + golang.org/x/net v0.24.0 golang.org/x/oauth2 v0.18.0 - golang.org/x/sys v0.18.0 + golang.org/x/sys v0.19.0 golang.org/x/text v0.14.0 golang.org/x/tools v0.19.0 google.golang.org/grpc v1.62.1 |