knz
commented
3 years ago The crdb errors library is not exposed to these vulnerabilities, because it does not expose any gin-based HTTP service to the network.
Closed nabbar closed 3 years ago
knz
commented
3 years ago The crdb errors library is not exposed to these vulnerabilities, because it does not expose any gin-based HTTP service to the network.
Hello,
Could you bump your dependancies to this repos and the sentry-go forked repos. The dependancies gin-gonic / gin at version < 1.7.0 is exposed to cve :
This dependancies are included into
github.com/cockroachdb/sentry-go(cf go.mod at line 9). Could you please plan to publish new releqse of this repos and the forked sentry-go with a bump of dependancies ?Thanks in advance.