Support for go uplift to 1.22.7 version and have fix for CVE-2024-24790 #331
Comments
|
Hi @smoshiur1237, thanks for reporting this. I have posted #332 to bump the version to the latest 1.22.9. |
|
Thanks @phoracek , I have left a comment and request to update the docker file in hack folder to change the go version to 1.22.7 |
|
@phoracek thanks for merging the uplift. May I know when are you going to have a release to add this change? would it be in patch release or in minor release? |
|
@smoshiur1237 I will issue a minor release in a second. Minor because the main branch has a new feature in it #322 |
|
https://github.com/k8snetworkplumbingwg/ovs-cni/releases/tag/v0.35.0 the container images should be published soon too. I will close this issue now. @smoshiur1237 thanks for reporting it. Please feel free to reopen in case you see this CVE is not resolved in the new build. |
We are having a vulnerability report which is related to CVE-2024-24790 and it has critical score. This can be fixed by uplifting go to 1.22.7. We would appreciate if you support the uplift and add the go uplift in your next official release..
The text was updated successfully, but these errors were encountered: