mirror of
https://github.com/ceph/ceph-csi.git
synced 2024-11-30 10:10:21 +00:00
763aa3df03
A vulnerability was found in golang.org/x/text/language package which
could cause a denial of service. An attacker can craft an
Accept-Language header which ParseAcceptLanguage will take significant
time to parse.
Version v0.3.8 of golang.org/x/text fixes a vulnerability.
See-also: https://go.dev/issue/56152
See-also: https://bugzilla.redhat.com/CVE-2022-32149
Signed-off-by: Niels de Vos <ndevos@redhat.com>
(cherry picked from commit
|
||
---|---|---|
.. | ||
github.com | ||
go.opentelemetry.io | ||
go.uber.org | ||
golang.org/x | ||
gomodules.xyz/jsonpatch/v2 | ||
google.golang.org | ||
gopkg.in | ||
k8s.io | ||
sigs.k8s.io | ||
modules.txt |