3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-02 17:38:27 +02:00
Code Issues Projects Releases Packages Wiki Activity

terrapin reference

Browse source 
Co-authored-by: Kenneth Jenkins <51246568+kenjenkins@users.noreply.github.com>
This commit is contained in:
Denis Mishin 2024-01-04 20:36:39 -05:00 committed by GitHub
parent fcdf31cb9e
commit c554d9c724
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
changelogs/v0.25.0.md
View file

@ -102,7 +102,7 @@ Changes that are expected to cause an incompatibility.
* bump github.com/prometheus/common from 0.44.0 to 0.45.0 by @dependabot in https://github.com/pomerium/pomerium/pull/4686
* bump distroless/base from `46c5b9b` to `b31a6e0` in /.github by @dependabot in https://github.com/pomerium/pomerium/pull/4670
* zero/openapi: pin v1.0.0 of a runtime by @wasaga in https://github.com/pomerium/pomerium/pull/4851
* bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @dependabot in https://github.com/pomerium/pomerium/pull/4860
* bump golang.org/x/crypto from 0.16.0 to 0.17.0 by @dependabot in https://github.com/pomerium/pomerium/pull/4860. This includes a patch for [GO-2023-2402](https://pkg.go.dev/vuln/GO-2023-2402) / [CVE-2023-48795](https://github.com/advisories/GHSA-45x7-px36-x8w8) (Terrapin). Note that Pomerium does not use the affected [golang.org/x/crypto/ssh](https://pkg.go.dev/golang.org/x/crypto/ssh) package from this module.
* bump github.com/spf13/viper from 1.16.0 to 1.18.2 by @dependabot in https://github.com/pomerium/pomerium/pull/4861
* bump github.com/aws/aws-sdk-go-v2 from 1.22.2 to 1.24.0 by @dependabot in https://github.com/pomerium/pomerium/pull/4840
* bump docker/metadata-action from 5.3.0 to 5.4.0 by @dependabot in https://github.com/pomerium/pomerium/pull/4891