You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Golang 1.17.1 (used for latest build 0.2.1) has several critical vulnerabilities (CVEs), and would be nice to use a more current version if possible for pre-built binaries (I'm lazy and I assume there are many others as well). I know it's a never-ending battle, but since this is used in Microsoft's azure-cli container this way (which uses a WAY older version, but that's another story -- and I can't fix that (easily) until this is resolved), I'm hoping this is easy and controversy-free. Thanks.
Currently Go 1.19.9+ or 1.20.4+ would be needed to be "Critical-CVE-free".
The text was updated successfully, but these errors were encountered:
Golang 1.17.1 (used for latest build 0.2.1) has several critical vulnerabilities (CVEs), and would be nice to use a more current version if possible for pre-built binaries (I'm lazy and I assume there are many others as well). I know it's a never-ending battle, but since this is used in Microsoft's azure-cli container this way (which uses a WAY older version, but that's another story -- and I can't fix that (easily) until this is resolved), I'm hoping this is easy and controversy-free. Thanks.
Currently Go 1.19.9+ or 1.20.4+ would be needed to be "Critical-CVE-free".
The text was updated successfully, but these errors were encountered: