Merge pull request 'fix(security): CVE-2024-24788 malformed DNS message' (#3671) from earl-warren/forgejo:wip-go-1.22.3 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3671 Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
This commit is contained in:
commit
7729cb3ecc
2
go.mod
2
go.mod
|
@ -1,6 +1,6 @@
|
||||||
module code.gitea.io/gitea
|
module code.gitea.io/gitea
|
||||||
|
|
||||||
go 1.22.2
|
go 1.22.3
|
||||||
|
|
||||||
require (
|
require (
|
||||||
code.gitea.io/actions-proto-go v0.4.0
|
code.gitea.io/actions-proto-go v0.4.0
|
||||||
|
|
|
@ -0,0 +1 @@
|
||||||
|
CVE-2024-24788: a malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.
|
Loading…
Reference in New Issue