Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(security): address GHSA ID GHSA-v778-237x-gjrc #3815

Open
petermetz opened this issue Mar 19, 2025 · 0 comments · May be fixed by #3816
Open

fix(security): address GHSA ID GHSA-v778-237x-gjrc #3815

petermetz opened this issue Mar 19, 2025 · 0 comments · May be fixed by #3816
Assignees
@petermetz
Labels
bug Something isn't working P1 Priority 1: Highest Security Related to existing or potential security vulnerabilities
Milestone
v2.2.0

Comments

@petermetz
Copy link
Contributor

https://github.com/hyperledger-cacti/cacti/security/dependabot/1347
@petermetz petermetz added bug Something isn't working P1 Priority 1: Highest Security Related to existing or potential security vulnerabilities labels Mar 19, 2025
@petermetz petermetz added this to the v2.2.0 milestone Mar 19, 2025
@petermetz petermetz self-assigned this Mar 19, 2025
petermetz added a commit to petermetz/cacti that referenced this issue Mar 20, 2025
@petermetz
fix(security): address GHSA ID GHSA-v778-237x-gjrc
34ac498 
Upgraded golang.org/x/crypto to v0.31.0
and also the test utils library to a current latest because of this issue:

```sh
go: github.com/hyperledger-cacti/cacti/weaver/core/network/fabric-interop-cc/
libs/[email protected]: parsing go.mod:

module declares its path as: github.com/hyperledger/cacti/weaver/core/
network/fabric-interop-cc/libs/testutils

but was required as: github.com/hyperledger-cacti/cacti/weaver/core/
network/fabric-interop-cc/libs/testutils
```

Fixes hyperledger-cacti#3815

Signed-off-by: Peter Somogyvari <[email protected]>
@petermetz petermetz linked a pull request Mar 20, 2025 that will close this issue
Open
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@petermetz petermetz

Labels
bug Something isn't working P1 Priority 1: Highest Security Related to existing or potential security vulnerabilities
Projects
None yet
Milestone
v2.2.0
Development

Successfully merging a pull request may close this issue.

fix(security): address GHSA ID GHSA-v778-237x-gjrc petermetz/cacti
1 participant
@petermetz