Release due to CVE in golang

maxmind / geoipupdate

GeoIP update client code

Apache License 2.0

713 stars 143 forks source link

Release due to CVE in golang #329

Closed rotscher closed 2 months ago

rotscher commented 2 months ago

The latest release 7.0.1 is compiled with golang 1.22.1 which faces a least one critical CVE (CVE-2024-24790). Are there plans to release a new version soon?

oschwald commented 2 months ago

geoipupdate does not use those methods and is not impacted by the CVE.