Closed francogeller closed 1 year ago
Latest version 0.12.0 have a transitive dependency with github.com/miekg/dns@v1.0.14 because it is a dependency of the following direct dependencies:
Any dependency with github.com/miekg/dns@v1.0.14 must be fully deprecated due to known vulnerability CVE-2019-19794 with this module version.
To definitely deprecate github.com/miekg/dns@v1.0.14 we must:
$ go get -u github.com/hashicorp/serf@latest $ go get -u github.com/hashicorp/consul/api@latest $ go mod tidy
After this: All transitive dependencies with github.com/miekg/dns@v1.0.14 are completely removed. All tests continues to complete successfully.
PR #1250 is a proposal to fix the vulnerability
What would you like?
Latest version 0.12.0 have a transitive dependency with github.com/miekg/dns@v1.0.14 because it is a dependency of the following direct dependencies:
Any dependency with github.com/miekg/dns@v1.0.14 must be fully deprecated due to known vulnerability CVE-2019-19794 with this module version.
To definitely deprecate github.com/miekg/dns@v1.0.14 we must:
After this: All transitive dependencies with github.com/miekg/dns@v1.0.14 are completely removed. All tests continues to complete successfully.