search

mattn / go-mastodon

mastodon client for golang
MIT License
600 stars 85 forks source link

Update module gorilla/websocket to v1.4.1 #121

Closed renovate[bot] closed 4 years ago

renovate[bot] commented 4 years ago

This PR contains the following updates:

Package Type Update Change
github.com/gorilla/websocket require patch v1.4.0 -> v1.4.1

Release Notes

gorilla/websocket ### [`v1.4.1`](https://togithub.com/gorilla/websocket/releases/v1.4.1) [Compare Source](https://togithub.com/gorilla/websocket/compare/v1.4.0...v1.4.1) #### Notable Changes ⚠️ **This release fixes a potential denial-of-service (DoS) vector in gorilla/websocket, and we recommend that all users upgrade to this version (v1.4.1) or later** The vulnerability could allow an attacker to consume excessive amounts of memory on the server by bypassing read limits, and potentially cause the server to go out-of-memory (OOM). See the published [security advisory](https://togithub.com/gorilla/websocket/security/advisories/GHSA-jf24-p9p9-4rjh) for more details. Credit to Max Justicz () for discovering and reporting this, as well as providing a robust PoC and review. #### CHANGELOG [`c3e18be`](https://togithub.com/gorilla/websocket/commit/c3e18be) Create release-drafter.yml ([#​538](https://togithub.com/gorilla/websocket/issues/538)) [`5b740c2`](https://togithub.com/gorilla/websocket/commit/5b740c2) Read Limit Fix ([#​537](https://togithub.com/gorilla/websocket/issues/537)) [`7e9819d`](https://togithub.com/gorilla/websocket/commit/7e9819d) fix typos ([#​532](https://togithub.com/gorilla/websocket/issues/532)) [`ae1634f`](https://togithub.com/gorilla/websocket/commit/ae1634f) Create CircleCI config.yml ([#​519](https://togithub.com/gorilla/websocket/issues/519)) [`80c2d40`](https://togithub.com/gorilla/websocket/commit/80c2d40) fix autobahn test suite link ([#​503](https://togithub.com/gorilla/websocket/issues/503)) [`6a67f44`](https://togithub.com/gorilla/websocket/commit/6a67f44) remove redundant err!=nil check in conn.go Close method ([#​505](https://togithub.com/gorilla/websocket/issues/505)) [`0ec3d1b`](https://togithub.com/gorilla/websocket/commit/0ec3d1b) Fix typo [`856ca61`](https://togithub.com/gorilla/websocket/commit/856ca61) Add buffer commentary [`7c8e298`](https://togithub.com/gorilla/websocket/commit/7c8e298) Add support for go-module [`8ab6030`](https://togithub.com/gorilla/websocket/commit/8ab6030) Add JoinMessages [`95ba29e`](https://togithub.com/gorilla/websocket/commit/95ba29e) Updated autobahn test suite URL [`483fb8d`](https://togithub.com/gorilla/websocket/commit/483fb8d) Add "in bytes" to sizes in documentation [`76e4896`](https://togithub.com/gorilla/websocket/commit/76e4896) Fix formatting problem in the docs. ([#​435](https://togithub.com/gorilla/websocket/issues/435)) [`a51a35a`](https://togithub.com/gorilla/websocket/commit/a51a35a) Improve header parsing code [`3130e8d`](https://togithub.com/gorilla/websocket/commit/3130e8d) Return write buffer to pool on write error ([#​427](https://togithub.com/gorilla/websocket/issues/427)) [`cdd40f5`](https://togithub.com/gorilla/websocket/commit/cdd40f5) Add comprehensive host test ([#​429](https://togithub.com/gorilla/websocket/issues/429))

Renovate configuration

:date: Schedule: At any time (no schedule defined).

:vertical_traffic_light: Automerge: Disabled by config. Please merge this manually once you are satisfied.

:recycle: Rebasing: Whenever PR becomes conflicted, or if you modify the PR title to begin with "rebase!".

:no_bell: Ignore: Close this PR and you won't be reminded about this update again.

Newsflash: Renovate has joined WhiteSource, and is now free for all use. Learn more or view updated terms and privacy policies.