You are viewing a plain text version of this content. The canonical link for it is here.

Posted to notifications@dubbo.apache.org by GitBox <gi...@apache.org> on 2021/01/21 05:39:37 UTC

[GitHub] [dubbo-go] QiAnXinCodeSafe opened a new issue #1004: There is a vulnerability in consul v1.8.0,upgrade recommended

QiAnXinCodeSafe opened a new issue #1004:
URL: https://github.com/apache/dubbo-go/issues/1004


   https://github.com/apache/dubbo-go/blob/9d5dc6117ee3859d09b177cea7dbd2329a4c4812/go.mod#L26
   
   CVE-2020-25201  CVE-2020-28053
   
   Recommended upgrade version：v1.8.7


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@dubbo.apache.org
For additional commands, e-mail: notifications-help@dubbo.apache.org

[GitHub] [dubbo-go] cityiron closed issue #1004: There is a vulnerability in consul v1.8.0,upgrade recommended

Posted by GitBox <gi...@apache.org>.

cityiron closed issue #1004:
URL: https://github.com/apache/dubbo-go/issues/1004


   


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@dubbo.apache.org
For additional commands, e-mail: notifications-help@dubbo.apache.org

[GitHub] [dubbo-go] zouyx commented on issue #1004: There is a vulnerability in consul v1.8.0,upgrade recommended

Posted by GitBox <gi...@apache.org>.

zouyx commented on issue #1004:
URL: https://github.com/apache/dubbo-go/issues/1004#issuecomment-770402920


   can not update consul sdk, it need to update  golang version as below:
   
   https://github.com/hashicorp/consul/issues/8538.
   
   that is too dangerous.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@dubbo.apache.org
For additional commands, e-mail: notifications-help@dubbo.apache.org

[GitHub] [dubbo-go] zouyx commented on issue #1004: There is a vulnerability in consul v1.8.0,upgrade recommended

Posted by GitBox <gi...@apache.org>.

zouyx commented on issue #1004:
URL: https://github.com/apache/dubbo-go/issues/1004#issuecomment-765880781


   Thanks for your help.


----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org



---------------------------------------------------------------------
To unsubscribe, e-mail: notifications-unsubscribe@dubbo.apache.org
For additional commands, e-mail: notifications-help@dubbo.apache.org