Update github.com/go-jose/go-jose/v3 again #104
Comments
stefanberger
added a commit
to stefanberger/ocicrypt
that referenced
this issue
Mar 11, 2024
To avoid a potential DoS vulnerability in v3.0.0 update to v3.0.3. Resolves: Issue containers#104 Signed-off-by: Stefan Berger <[email protected]>
It is but I haven't heared from it. Strange. I just sent a PR. |
stefanberger
added a commit
that referenced
this issue
Mar 11, 2024
To avoid a potential DoS vulnerability in v3.0.0 update to v3.0.3. Resolves: Issue #104 Signed-off-by: Stefan Berger <[email protected]>
|
Should be fixed now. |
|
Thanks. Can we please have a new release? |
I will make one soon. |
|
Published v1.1.10 now. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
go-jose version 3.0.3 has a fix for another security vulnerability, please upgrade.
Is containers/ocicrypt not set up for dependabot?
The text was updated successfully, but these errors were encountered: