Closed mend-for-github-com[bot] closed 1 year ago
This PR contains the following updates:
v0.3.1-0.20221206200815-1e63c2f08a10
v0.7.0
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Enabled.
β» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.
indirect dependency, should evaluate with go mod why where this is used.
go mod why
This PR contains the following updates:
v0.3.1-0.20221206200815-1e63c2f08a10
->v0.7.0
GitHub Vulnerability Alerts
CVE-2022-41723
A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the HPACK decoder, sufficient to cause a denial of service from a small number of small requests.
Release Notes
golang/net
### [`v0.7.0`](https://togithub.com/golang/net/compare/v0.6.0...v0.7.0) [Compare Source](https://togithub.com/golang/net/compare/v0.6.0...v0.7.0) ### [`v0.6.0`](https://togithub.com/golang/net/compare/v0.5.0...v0.6.0) [Compare Source](https://togithub.com/golang/net/compare/v0.5.0...v0.6.0) ### [`v0.5.0`](https://togithub.com/golang/net/compare/v0.4.0...v0.5.0) [Compare Source](https://togithub.com/golang/net/compare/v0.4.0...v0.5.0)Configuration
π Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).
π¦ Automerge: Enabled.
β» Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
π Ignore: Close this PR and you won't be reminded about this update again.