search

jcmturner / gokrb5

Pure Go Kerberos library for clients and services
Apache License 2.0
723 stars 245 forks source link

High CVE in dependency golang.org/x/crypto #458

Closed jarosenthal closed 2 years ago

jarosenthal commented 2 years ago

Hi, there is a vulnerability in master branch go mod dependency golang.org/x/crypto v0.0.0-20201112155050-0c6587e931a9 CVE-2020-29652. There is a more recent version available, is it possible to get a fix?

jcmturner commented 2 years ago

Dependencies were updated in v8.4.3

Please reopen this issue if this does not resolve the CVE