Upgrade skaffold go version to 1.22.0
alphanota opened this issue · comments
Angel Montero commented
Current go version skaffold uses (1.21.0) is affected by various vulnerabilties
CVE-2023-44487
CVE-2023-39323
CVE-2023-45285
CVE-2023-39322
CVE-2023-39321
CVE-2023-39326
CVE-2023-39318
CVE-2023-39319
Fixes for these are all in go version 1.21.3 and up
Information
- Skaffold version: 2.10
- Operating system: alpine:3.19
- Installed via: skaffold.dev
Steps to reproduce the behavior
These vulnerabilities are a subset of the vulnerabilities here: https://pantheon.corp.google.com/gcr/images/k8s-skaffold/global/skaffold@sha256:483bcee1aae9a3651d9d5ad487ad8ec1f4a57b94e51dc31aa157b9f73629164c/details?tab=vulnz