CVE-2024-24790

[dhiaayachi]

The latest temporalio/admin-tools, temporalio/server and temporalio/ui images are using a version of Go that is impacted by CVE-2024-24790.

Updating Go to 1.21.11 or newer would fix the issue.

[dhiaayachi]

Thanks for reporting this. It's a known issue. Please refer to the following documentation for more information:

• https://github.com/temporalio/temporal/issues/5006

[dhiaayachi]

Thanks for reporting this. The latest temporalio/admin-tools, temporalio/server and temporalio/ui images are using a version of Go that is impacted by CVE-2024-24790.

Updating Go to 1.21.11 or newer would fix the issue. You can find more information about updating the Go version in the temporalio/server repository.

[dhiaayachi]

Thanks for reporting this. This is a known issue and can be worked around by updating to the latest Temporal Admin tools, Server, and UI images. We recommend following the steps in the Upgrade Temporal guide to ensure a smooth upgrade process.