Can we release a new gosu tag with go version 1.19

tianon / gosu

Simple Go-based setuid+setgid+setgroups+exec

Apache License 2.0

4.73k stars 321 forks source link

Can we release a new gosu tag with go version 1.19 #118

Closed irajdeep closed 2 years ago

irajdeep commented 2 years ago

Hey all

The latest release of gosu 1.14 is based on go version 1.16. Quite a few CVEs have been fixed since that go version, could you please do a release based on the go version 1.19.

Thanks

tianon commented 2 years ago

Sorry, this is a duplicate of #106 and #116 -- please see #104.

(Any CVE scanner reporting CVEs in the published binaries of gosu are likely reporting false positives; I maintain the list in #104 so that they can be reported to the relevant vendor to be flagged appropriately.)