From 63a29110ee79dba1e16764cf1350f4d4b3f328a0 Mon Sep 17 00:00:00 2001 From: Dmitrii Stepanov Date: Wed, 6 Mar 2024 12:54:56 +0300 Subject: [PATCH] [#634] go.mod: Bump protobuf version Found by vulncheck: Vulnerability #1: GO-2024-2611 Infinite loop in JSON unmarshaling in google.golang.org/protobuf More info: https://pkg.go.dev/vuln/GO-2024-2611 Module: google.golang.org/protobuf Found in: google.golang.org/protobuf@v1.32.0 Fixed in: google.golang.org/protobuf@v1.33.0 Signed-off-by: Dmitrii Stepanov --- go.mod | 2 +- go.sum | Bin 42022 -> 42022 bytes 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 926c1b64e..6ba1ed73d 100644 --- a/go.mod +++ b/go.mod @@ -42,7 +42,7 @@ require ( golang.org/x/sys v0.16.0 golang.org/x/term v0.16.0 google.golang.org/grpc v1.61.0 - google.golang.org/protobuf v1.32.0 + google.golang.org/protobuf v1.33.0 gopkg.in/yaml.v3 v3.0.1 ) diff --git a/go.sum b/go.sum index 2b09f5312caf08e7988e56be3d51c896ec580efc..24120b20a3f352e7f7274353c17647a134184d57 100644 GIT binary patch delta 76 zcmZ2>f@#?arVZtDjEwaR6fz90O8xweii#aQ{R;KHa@-1nQzBixJ);atyf@#?arVZtDjEwXQ6fz903Id$XoZL-QD=Y$B-14%MirhnuT{9~xGrW@njS^i- goq~