Skip to main content

Public

Project privacy set to public. By default, its content is available to everyone (authenticated or not). Please note that more restrictive permissions might exist on some items.

    •  
      request #34711 golang.org/x/net: 0.14.0 -> 0.17.0
    Actions
    Infos
    #34711
    Thomas Gerbet (tgerbet)
    2023-10-12 17:17
    2023-10-12 09:23
    36321
    Details
    golang.org/x/net: 0.14.0 -> 0.17.0

    We use it in tuleap-mercure. This upgrade is needed to fix GO-2023-2102 (CVE-2023-39325 and CVE-2023-44487).

    Note we are not impacted directly because we do not expose tuleap-mercure directly.

    Dependencies
    All
    Empty
    • [ ] enhancement
    • [ ] internal improvement
    Empty
    Stage
    Thomas Gerbet (tgerbet)
    Closed
    2023-10-12
    Attachments
    Artifact links

    Releases

    Fixed in

    Artifact ID Project Tracker Summary Status Last Update Date Submitted By Assigned to
    rel #32659 Tuleap Releases 15.2 Delivered 2023-11-09 10:20 Manuel Vacelet (vaceletm)
    Empty
    References
    Referencing request #34711

    Git commit

    tuleap/tuleap/stable

    Closes request #34711: golang.org/x/net: 0.14.0 -> 0.17.0 a56b80929e
    User avatar Thomas Gerbet (tgerbet) , 2023-10-12 10:49
    Merge commit 'refs/changes/31/29531/1' of ssh://gerrit.tuleap.net:29418/tuleap into HEAD 6a8f4ca293
    User avatar Yannis ROSSETTO (rossettoy) , 2023-10-12 17:14
    Display settings

    Follow-ups