Please upgrade GO and release new version, to fix security issues #1014
Labels
backlog candidate
Pull requests/issues that are candidates to be backlog items
community
Issues or PRs opened by an external contributor
Comments
|
Hi @bartoszkosiorek! Welcome to the project! 🎉 Thanks for opening this issue! |
nginx-bot
bot
added
the
community
bartoszkosiorek
changed the title
|
@bartoszkosiorek there are no vulnerabilities: ➜ nginx-prometheus-exporter git:(main) govulncheck ./...
No vulnerabilities found.
➜ nginx-prometheus-exporter git:(main) govulncheck -version
Go: go1.24.1
Scanner: [email protected]
DB: https://vuln.go.dev
DB updated: 2025-03-18 18:14:48 +0000 UTC
No vulnerabilities found.Please use Go version 1.24.1 or latest from 1.23.x line for compiling the binary. We will be tagging new version soon. Please track work progress here: #1024 |
jjngx
added
the
backlog candidate
|
Fixed by Renovate PR |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Describe the bug
Please upgrade Go to 1.23.5 and release new version, to fix security issues.
It is already fixed with commit:
e3c6abe
It is resolving:
https://www.suse.com/security/cve/CVE-2025-22868.html
https://www.suse.com/security/cve/CVE-2025-22869.html
https://www.suse.com/security/cve/CVE-2025-22870.html
The Go needs to be upgraded (issues was resolved with Go - 1.23.5):
https://www.suse.com/security/cve/CVE-2024-45336.html
https://www.suse.com/security/cve/CVE-2024-45341.html
https://www.suse.com/security/cve/CVE-2025-22866.html
More information about fixes in Go fixes:
golang/go@fdb8413
golang/go@bb8230f
The text was updated successfully, but these errors were encountered: