Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix HIGH severity level vulnerability CVE-2021-23772 #345

Closed
PrintlnPan opened this issue Dec 14, 2022 · 4 comments · Fixed by #346
Closed

Fix HIGH severity level vulnerability CVE-2021-23772 #345

PrintlnPan opened this issue Dec 14, 2022 · 4 comments · Fixed by #346
Labels
dependencies Pull requests that update a dependency file

Comments

@PrintlnPan
Copy link

PrintlnPan commented Dec 14, 2022
edited
Loading

gobrake depends on github.com/kataras/iris package v12.1.8 release version now, but it has a HIGH severity level vulnerability CVE-2021-23772.
Do we plan to upgrade the github.com/kataras/iris to fix the vulnerability?
@chimanjain
Copy link
Contributor

The plan is to wait for the next stable release of github.com/kataras/iris/v12 as the latest release is in beta stages i.e v12.2.0-beta6.

@PrintlnPan
Copy link
Author

PrintlnPan commented Dec 14, 2022
edited
Loading

I understand that beta releases always come with uncertain bugs. But v12.2.0 it's in the works for two years since the first alpha, and we are not sure when exactly it will release a stable version. it's possible to upgrade to 12.2.0-alpha8 of patched versions first?

@chimanjain
Copy link
Contributor

Suggestion taken. Will update iris package.

@chimanjain chimanjain linked a pull request Dec 14, 2022 that will close this issue
Update github.com/kataras/iris/v12 #346
Merged
@chimanjain chimanjain added the dependencies Pull requests that update a dependency file label Dec 14, 2022
@PrintlnPan
Copy link
Author

Thank you for you effort!!! ❤️

@PrintlnPan PrintlnPan mentioned this issue Dec 19, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update github.com/kataras/iris/v12 airbrake/gobrake
2 participants
@chimanjain @PrintlnPan