Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Updated version of golang.org/x/crypto to resolve CVE-2024-45337 #2890

Merged
merged 1 commit into from
Dec 23, 2024
Merged

Updated version of golang.org/x/crypto to resolve CVE-2024-45337 #2890

merged 1 commit into from
Dec 23, 2024

Conversation

dphulkar-msft
Copy link
Member

Description

Version update for golang.org/x/crypto from 0.28.0->0.31.0

Type of Change

  • Bug fix
  • New feature
  • Documentation update required
  • Code quality improvement
  • Other (describe): Version update of golang.org/x/crypto

How Has This Been Tested?

The end-to-end tests (E2E) and unit tests (UTs) associated with this pull request (PR) will adequately validate the proposed changes.

Thank you for your contribution to AzCopy!

@vibhansa-msft vibhansa-msft linked an issue Dec 16, 2024 that may be closed by this pull request
fix CVE-2024-45337 #2889
Closed
@gapra-msft
Copy link
Member

gapra-msft commented Dec 19, 2024
edited
Loading

@dphulkar-msft could you also take care of the other CVE version bump for the golang/net library?
#2896

@gapra-msft gapra-msft self-assigned this Dec 19, 2024
@dphulkar-msft dphulkar-msft merged commit faa6166 into main Dec 23, 2024
22 checks passed
@skoppell
Copy link

skoppell commented Jan 7, 2025

any guidance on when will this be released. We are waiting for this CVV fix

gapra-msft pushed a commit that referenced this pull request Jan 15, 2025
@dphulkar-msft @gapra-msft
Updated version of golang.org/x/crypto to resolve CVE-2024-45337 (#2890)
fb49086
@skoppell
Copy link

fb49086

@gapra-msft @dphulkar-msft @vibhansa-msft Appreciate if you can you look into this

@vibhansa-msft vibhansa-msft added this to the 10.28.0 milestone Jan 20, 2025
@BrewTestBot BrewTestBot mentioned this pull request Jan 27, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@gapra-msft gapra-msft gapra-msft approved these changes

@vibhansa-msft vibhansa-msft vibhansa-msft approved these changes

@wonwuakpa-msft wonwuakpa-msft wonwuakpa-msft approved these changes

@adreed-msft adreed-msft Awaiting requested review from adreed-msft adreed-msft is a code owner

@seanmcc-msft seanmcc-msft Awaiting requested review from seanmcc-msft seanmcc-msft is a code owner

@souravgupta-msft souravgupta-msft Awaiting requested review from souravgupta-msft souravgupta-msft is a code owner

@tanyasethi-msft tanyasethi-msft Awaiting requested review from tanyasethi-msft tanyasethi-msft is a code owner

Assignees

@gapra-msft gapra-msft

@wonwuakpa-msft wonwuakpa-msft

Labels
None yet
Projects
None yet
Milestone
10.28.0
Development

Successfully merging this pull request may close these issues.

fix CVE-2024-45337
5 participants
@dphulkar-msft @gapra-msft @skoppell @vibhansa-msft @wonwuakpa-msft