Skip to content

Commit 3366ff2

Browse files
araujofaraujof
committed
chore(readme): update security patches
Signed-off-by: Frederico Araujo <frederico.araujo@ibm.com>
1 parent bd9b269 commit 3366ff2

1 file changed

Lines changed: 8 additions & 0 deletions

File tree

CHANGELOG.md

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -27,6 +27,14 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/).
2727
- Bumped UBI version to 9.2-755
2828
- Bump sf-apis to 0.6.0
2929

30+
### Security
31+
32+
- CVE-2022-41723: golang.org/x/net Uncontrolled Resource Consumption (updated to 0.7.0)
33+
- CVE-2022-27664: golang.org/x/net/http2 Denial of Service vulnerability (updated to 0.0.0-20220906165146-f3363e06e74c)
34+
- CVE-2022-32149: Denial of service in golang.org/x/text/language (updated to 0.3.8)
35+
- CVE-2022-41721: golang.org/x/net/http2/h2c vulnerable to request smuggling attack (updated to 0.1.1-0.20221104162952-702349b0e862)
36+
- CVE-2022-28948: gopkg.in/yaml.v3 Denial of Service (updated to 3.0.0-20220521103104-8f96da9f5d5e)
37+
3038
## [0.5.1] - 2023-06-07
3139

3240
### Added

0 commit comments

Comments
 (0)