From 5f016a18ffda3d52d06a58b7144708fef99b9534 Mon Sep 17 00:00:00 2001 From: Pedro Juarez Date: Tue, 2 Jul 2024 22:04:35 -0700 Subject: [PATCH] update go to 1.22.5 to fix vulnerable package net/http (#2194) ``` Vulnerability #1: GO-2024-2963 Denial of service due to improper 100-continue handling in net/http More info: https://pkg.go.dev/vuln/GO-2024-2963 Standard library Found in: net/http@go1.22.4 Fixed in: net/http@go1.22.5 ``` Signed-off-by: pjuarezd --- go.mod | 4 +--- sidecar/go.mod | 4 +--- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/go.mod b/go.mod index ec9aa5598d5..f7b286d3887 100644 --- a/go.mod +++ b/go.mod @@ -1,8 +1,6 @@ module github.com/minio/operator -go 1.22.0 - -toolchain go1.22.4 +go 1.22.5 require ( github.com/blang/semver/v4 v4.0.0 diff --git a/sidecar/go.mod b/sidecar/go.mod index f3ad16c6299..1cfd3ca1084 100644 --- a/sidecar/go.mod +++ b/sidecar/go.mod @@ -1,8 +1,6 @@ module github.com/minio/operator/sidecar -go 1.22.0 - -toolchain go1.22.4 +go 1.22.5 require ( github.com/gorilla/mux v1.8.1