Skip to content

fix(deps): vuln golang.org/x/sys (minor → v0.46.0) [apps/dogstatsd]#1841

Draft
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
mainfrom
engraver-auto-version-upgrade/minorpatch/go/dogstatsd/2-1783422310
Draft

fix(deps): vuln golang.org/x/sys (minor → v0.46.0) [apps/dogstatsd]#1841
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
mainfrom
engraver-auto-version-upgrade/minorpatch/go/dogstatsd/2-1783422310

Conversation

@gh-worker-campaigns-3e9aa4

Copy link
Copy Markdown

Summary: Security update — 1 package upgraded (MINOR changes included)

Manifests changed:

  • apps/dogstatsd (go)

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.


Updates

Package From To Type Dep Type Vulnerabilities Fixed
golang.org/x/sys v0.0.0-20210510120138-977fb7262007 v0.46.0 minor Transitive 3 MEDIUM, 1 UNKNOWN

Security Details

ℹ️ Other Vulnerabilities (4)
Package CVE Severity Summary Unsafe Version Fixed In Case
golang.org/x/sys GHSA-p782-xgp4-8hr8 MODERATE golang.org/x/sys/unix has Incorrect privilege reporting in syscall v0.0.0-20210510120138-977fb7262007 0.0.0-20220412211240-33da011f77ad -
golang.org/x/sys CVE-2022-29526 MODERATE - v0.0.0-20210510120138-977fb7262007 - -
golang.org/x/sys GO-2022-0493 MODERATE Incorrect privilege reporting in syscall and golang.org/x/sys/unix v0.0.0-20210510120138-977fb7262007 0.0.0-20220412211240-33da011f77ad -
golang.org/x/sys GO-2026-5024 unknown Invoking integer overflow in NewNTUnicodeString in golang.org/x/sys/windows v0.0.0-20210510120138-977fb7262007 0.44.0 -
⚠️ Dependencies that have Reached EOL (1)
Dependency Unsafe Version EOL Date New Version Path
golang.org/x/sys v0.0.0-20210510120138-977fb7262007 - v0.46.0 apps/dogstatsd/images/dogstatsd/go.mod

Review Checklist

Standard review:

  • Review changes for compatibility with your code
  • Check for breaking changes in release notes
  • Run tests locally or wait for CI
  • Approve and merge this PR

Update Mode: all_vulns

🤖 Generated by DataDog Automated Dependency Management System

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants