Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Upgrade github.com/open-policy-agent/opa in 0.12 release #2178

Open
RemindD opened this issue Jun 19, 2024 · 2 comments
Open

Upgrade github.com/open-policy-agent/opa in 0.12 release #2178

RemindD opened this issue Jun 19, 2024 · 2 comments

Comments

@RemindD
Copy link

RemindD commented Jun 19, 2024

There is a vulnerability in the package prior to 0.44.0. Could you please upgrade the package in 0.12 release build? Here is the vulerablity link: https://pkg.go.dev/vuln/GO-2022-0978
@lordalek
Copy link

this is affecting us as well in aws.

@HafdisE
Copy link

HafdisE commented Jul 29, 2024

Yes, if you could update the packages that have known critical and high vulnerabilities for the next release, that would be wonderful 🙌

go-jwx also needs to be updated, as well as opencontainers/runc

See:
https://nvd.nist.gov/vuln/detail/CVE-2024-21664
https://nvd.nist.gov/vuln/detail/CVE-2024-21626

# for free to join this conversation on GitHub. Already have an account? # to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@lordalek @HafdisE @RemindD