search

milvus-io / milvus

A cloud-native vector database, storage for next generation AI applications
https://milvus.io
Apache License 2.0
29.27k stars 2.81k forks source link

[Bug]: High CVEs of milvus go lib: go.opentelemetry.io/.... v0.38.0 #34547

Open weiZhenkun opened 1 month ago

weiZhenkun commented 1 month ago

Is there an existing issue for this?

Environment

- Milvus version: Milvus 2.4.5 & master

Current Behavior

Can we update to v0.38.0 to 0.46.0? https://github.com/milvus-io/milvus/blob/master/go.mod#L49C2-L49C85

image

Expected Behavior

Can we update to v0.38.0 to 0.46.0?

Steps To Reproduce

No response

Milvus Log

No response

Anything else?

No response

yanliang567 commented 1 month ago

/assign @congqixia @xiaofan-luan I think we have some plans for it. /unassign

weiZhenkun commented 1 month ago

pr:34462

weiZhenkun commented 1 month ago

fix on 2.4.6 https://github.com/milvus-io/milvus/pull/34693