itzg / easy-add

A utility for easily adding a file from a downloaded archive during Docker builds
MIT License
26 stars 6 forks

Fix security issues with golang/stdlib < 1.21.5 #28

Closed strausmann closed 8 months ago

strausmann commented 8 months ago

Hello,

there are some security problems with golang/stdlib versions lower than 1.21.5. I ask for a new release and an increase of the dependency.

HIGH: CVE-2023-45283

Thank you very much

itzg commented 8 months ago

Thank you for reporting these, but it would be even better if you submitted PRs to bump the versions. For example:

https://github.com/itzg/easy-add/blob/e2839c1088a3693da02a0622f50381f368c86832/.github/workflows/release.yaml#L12