earl-warren
commented
5 months ago that's only if using 3.5.1, 3.5.2 is good https://github.com/advisories/GHSA-rhh4-rh7c-7r5v
Open earl-warren opened 5 months ago
earl-warren
commented
5 months ago that's only if using 3.5.1, 3.5.2 is good https://github.com/advisories/GHSA-rhh4-rh7c-7r5v
earl-warren
commented
5 months ago But 3.5.2 is not released yet, it is only available in a fork
viceice
commented
4 months ago @mholt Any chance to publish a v3.5.2 as fix?
rathinikunj
commented
4 months ago @mholt I am also looking for the fix of this CVE. Any chance we are going to publish v3.5.2 this week?
rpmoore
commented
4 months ago I'd also like to see a release of this. Our build is failing with govulncheck because of this.
rathinikunj
commented
2 months ago @mholt Just checking in again to know if you plan to release the CVE-free version soon.
ddhawal
commented
1 month ago @mholt Just rechecking if we will get CVE-free version any time soon?
https://pkg.go.dev/vuln/GO-2024-2698 was published today and makes https://pkg.go.dev/golang.org/x/vuln/cmd/govulncheck fail.