search

opnsense / ports

OPNsense ports on top of FreeBSD
https://opnsense.org/
Other
157 stars 112 forks source link

Go 1.20.3 vulnerability warning #176

Closed handonam closed 1 year ago

handonam commented 1 year ago

Issue

Go has multiple vulnerabilities in 1.20.3

Describe the solution you like

Update GO per vulnerability warning.

Error Log

Occurs in OPNSense 23.1.11 during a make install for tailscale (/usr/ports/security/tailscale)

===>  go120-1.20.3 has known vulnerabilities:
go120-1.20.3 is vulnerable:
  go -- multiple vulnerabilities
  CVE: CVE-2023-29400
  CVE: CVE-2023-24540
  CVE: CVE-2023-24539
  CVE: CVE-2023-29404
  CVE: CVE-2023-29403
  CVE: CVE-2023-29402
  CVE: CVE-2023-29406
  WWW: https://vuxml.FreeBSD.org/freebsd/78f2e491-312d-11ee-85f2-bd89b893fcb4.html

1 problem(s) in 1 installed package(s) found.
=> Please update your ports tree and try again.
=> Note: Vulnerable ports are marked as such even if there is no update available.
=> If you wish to ignore this vulnerability rebuild with 'make DISABLE_VULNERABILITIES=yes'
*** Error code 1

Stop.
make[2]: stopped in /usr/ports/lang/go120
*** Error code 1

Stop.
make[1]: stopped in /usr/ports/lang/go120
*** Error code 1

Stop.
make: stopped in /usr/ports/security/tailscale
fichtner commented 1 year ago

It will land when it lands in FreeBSD. No need to notify us about it really.