Bump Go version from 1.18 to 1.19/1.20 #7066
Comments
|
We are aware of this issue with Go, Please read our security policy here https://github.com/eksctl-io/eksctl/security/policy |
|
@Himangini , when are you planning to resolve this issue if you are aware of it already |
|
@Bjyothi2023, this is now fixed, the changes will be out in the next release candidate this week. |
|
Thank you very much. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Vulnerability scanner over Eksctl binary is reporting multiple vulnerabilities because of Go version 1.18.10 and the fix is available in 1.20.5, 1.19.10
List of vulnerabilities reported are :
GHSA-876p-8259-xjgg
GHSA-68g3-2p3g-w9pq
GHSA-3q6h-q44p-xw88
GHSA-9f7g-gqwh-jpf5
GHSA-c9hr-fvm9-7c49
GHSA-v4m2-x4rp-hv22
GHSA-vvpx-j8f3-3w6h
GHSA-888h-rm2r-vrc7
GHSA-rxx3-4978-3cc9
GHSA-7qhm-5mxq-x7vp
GHSA-f8f7-69v5-w4vx
GHSA-x2w5-7wp4-5qff
GHSA-xc82-5m89-g4jv
Eksctl version used: v0.156.0
Resolution: Bump Go version to either 1.20/1.19
The text was updated successfully, but these errors were encountered: