Skip to content

fix: CVE-2021-38561 CVE-2019-9512 CVE-2020-29652 etc.#183

Closed
testwill wants to merge 1 commit intocweill:developfrom
testwill:develop
Closed

fix: CVE-2021-38561 CVE-2019-9512 CVE-2020-29652 etc.#183
testwill wants to merge 1 commit intocweill:developfrom
testwill:develop

Conversation

@testwill
Copy link

@testwill testwill commented Jun 2, 2023

No description provided.

@cweill cweill closed this in 6f251b6 Oct 21, 2025
@cweill
Copy link
Owner

cweill commented Oct 21, 2025

Thank you for identifying these security vulnerabilities!

This has been addressed and improved upon in commit 6f251b6. We've updated golang.org/x/tools to the latest version (v0.38.0) rather than v0.9.3, which provides even better security coverage and brings us up to date with modern Go tooling.

Changes made:

  • Updated golang.org/x/tools from 2019 version to v0.38.0 (latest)
  • Updated go directive to 1.24.0
  • Fixed test code compatibility with stricter format string checking
  • All tests passing

The CVEs you identified (CVE-2021-38561, CVE-2019-9512, CVE-2020-29652) are now resolved.

Thanks for your contribution to improving gotests security!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@testwill @cweill