Please upgrade Go runtime (>= 1.19.8) to fix security vulnerabilities

Question

Please upgrade Go runtime (>= 1.19.8) to fix security vulnerabilities

jhauglid opened this issue a year ago · comments

The currently used version of the Go runtime (1.19.7) have several high severity security vulnerabilities that can be detected by scanners such as the Google Artifact Registry scanner.

Here's a list of issues:
https://security-tracker.debian.org/tracker/CVE-2023-24537
https://security-tracker.debian.org/tracker/CVE-2023-24538
https://security-tracker.debian.org/tracker/CVE-2023-24536
https://security-tracker.debian.org/tracker/CVE-2023-24534

All of these have been fixed in 1.19.8
Please consider upgrading.

Tulsi Shah · Answer 1 · Wed May 24 2023 14:22:27 GMT+0800 (China Standard Time)

New release - https://github.com/GoogleCloudPlatform/gcsfuse/releases/tag/v0.42.5