mirror of https://github.com/Luzifer/go_helpers.git synced 2024-10-18 06:14:21 +00:00
Knut Ahlers 8899d95437
Update dependencies, fix multiple CVEs
Total: 9 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 7, CRITICAL: 0)

┌───────────────────┬────────────────┬──────────┬───────────────────────────────────┬───────────────────────────────────┬──────────────────────────────────────────────────────────────┐
│      Library      │ Vulnerability  │ Severity │         Installed Version         │           Fixed Version           │                            Title                             │
├───────────────────┼────────────────┼──────────┼───────────────────────────────────┼───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│ golang.org/x/net  │ CVE-2021-33194 │ HIGH     │ 0.0.0-20210119194325-5f4716e94777 │ 0.0.0-20210520170846-37e1c6afe023 │ golang: x/net/html: infinite loop in ParseFragment           │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2021-33194                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2021-44716 │          │                                   │ 0.0.0-20211209124913-491a49abca63 │ golang: net/http: limit growth of header canonicalization    │
│                   │                │          │                                   │                                   │ cache                                                        │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2021-44716                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2022-27664 │          │                                   │ 0.0.0-20220906165146-f3363e06e74c │ handle server errors after sending GOAWAY                    │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-27664                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2022-41723 │          │                                   │ 0.7.0                             │ avoid quadratic complexity in HPACK decoding                 │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-41723                   │
│                   ├────────────────┼──────────┤                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2021-31525 │ MEDIUM   │                                   │ 0.0.0-20210428140749-89ef3d95e781 │ golang: net/http: panic in ReadRequest and ReadResponse when │
│                   │                │          │                                   │                                   │ reading a very large...                                      │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2021-31525                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2022-41717 │          │                                   │ 0.4.0                             │ excessive memory growth in a Go server accepting HTTP/2      │
│                   │                │          │                                   │                                   │ requests                                                     │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-41717                   │
├───────────────────┼────────────────┼──────────┼───────────────────────────────────┼───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│ golang.org/x/text │ CVE-2021-38561 │ HIGH     │ 0.3.5                             │ 0.3.7                             │ out-of-bounds read in golang.org/x/text/language leads to    │
│                   │                │          │                                   │                                   │ DoS                                                          │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2021-38561                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2022-32149 │          │                                   │ 0.3.8                             │ ParseAcceptLanguage takes a long time to parse complex tags  │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-32149                   │
├───────────────────┼────────────────┤          ├───────────────────────────────────┼───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│ gopkg.in/yaml.v3  │ CVE-2022-28948 │          │ 3.0.0-20210107192922-496545a6307b │ 3.0.0-20220521103104-8f96da9f5d5e │ crash when attempting to deserialize invalid input           │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-28948                   │
└───────────────────┴────────────────┴──────────┴───────────────────────────────────┴───────────────────────────────────┴──────────────────────────────────────────────────────────────┘

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-06-16 11:41:01 +02:00
.github/workflows Drop support for Go 1.18 in tests 2023-03-18 15:38:40 +01:00
accessLogger Fix TIP version error: Sprintf format %s has arg of wrong type byte 2017-11-05 14:50:12 +01:00
backoff Add convenience wrapper around property sets 2020-08-07 14:30:56 +02:00
cli Fix: Prevent panics when no arguments are given 2023-05-19 14:15:02 +02:00
duration Add time.Duration formatter 2016-12-23 15:23:53 +01:00
env Fix: Do not panic on weird env list entries 2021-03-09 23:25:57 +01:00
fieldcollection Add fieldcollection helper 2021-11-20 21:30:58 +01:00
file Add file.FSStack implementation 2023-06-10 16:58:44 +02:00
float Update imports to v2 import paths 2021-02-06 22:39:17 +01:00
github Add github-binary update helper 2016-10-12 23:48:12 +02:00
http Add http.LogRoundTripper helper for request debugging 2023-02-06 15:47:21 +01:00
position Update imports to v2 import paths 2021-02-06 22:39:17 +01:00
splitter Add output splitter 2018-04-23 12:24:16 +02:00
str Update imports to v2 import paths 2021-02-06 22:39:17 +01:00
time Add helpers to parse time strings using multiple formats at once 2018-07-05 10:09:39 +02:00
which Update imports to v2 import paths 2021-02-06 22:39:17 +01:00
yaml Add a YAML to JSON converter as yaml-helper 2018-06-07 10:59:15 +02:00
go.mod Update dependencies, fix multiple CVEs 2023-06-16 11:41:01 +02:00
go.sum Update dependencies, fix multiple CVEs 2023-06-16 11:41:01 +02:00
History.md prepare release v2.18.0 2023-06-10 16:59:02 +02:00
LICENSE Add a license file 2018-08-06 13:50:54 +02:00