gitea-mirror/sif
1
0
Fork 0
mirror of https://github.com/lunchcat/sif.git synced 2026-01-11 20:45:26 -08:00
Code Issues Packages Projects Releases Wiki Activity
Files
816ecd1e46fd6e72697518fe1185fb49fcd66cb5
sif/pkg
History
Celeste Hickenlooper 816ecd1e46 fix: update dependencies to address security vulnerabilities 
- golang.org/x/crypto v0.26.0 -> v0.46.0 (critical: ssh auth bypass)
- golang.org/x/net v0.28.0 -> v0.48.0 (medium: xss vulnerability)
- golang.org/x/oauth2 v0.11.0 -> v0.34.0 (high: input validation)
- quic-go v0.48.2 -> v0.58.0 (high: panic on undecryptable packets)
- golang-jwt/jwt v4.5.1 -> v4.5.2 (high: memory allocation)
- cloudflare/circl v1.3.7 -> v1.6.2 (low: validation issues)
- refraction-networking/utls v1.5.4 -> v1.8.1 (medium: tls downgrade)
- ulikunitz/xz v0.5.11 -> v0.5.15 (medium: memory leak)
- klauspost/compress v1.16.7 -> v1.17.4

also fixes go vet warnings for non-constant format strings
2026-01-02 18:03:27 -08:00
..
config
license: switch to bsd 3-clause, update headers and readme
2026-01-02 17:41:18 -08:00
logger
license: switch to bsd 3-clause, update headers and readme
2026-01-02 17:41:18 -08:00
scan
fix: update dependencies to address security vulnerabilities
2026-01-02 18:03:27 -08:00
utils
license: switch to bsd 3-clause, update headers and readme
2026-01-02 17:41:18 -08:00