fix(security): CVE-2024-24788 malformed DNS message

Refs: https://pkg.go.dev/vuln/GO-2024-2824
This commit is contained in:
Earl Warren 2024-05-08 14:21:20 +02:00
parent a2c8fe0370
commit f3045f0519
WARNING! Although there is a key with this ID in the database it does not verify this commit! This commit is SUSPICIOUS.
GPG key ID: 0579CB2928A78A00
2 changed files with 2 additions and 1 deletions

2
go.mod
View file

@ -1,6 +1,6 @@
module code.gitea.io/gitea module code.gitea.io/gitea
go 1.22.2 go 1.22.3
require ( require (
code.gitea.io/actions-proto-go v0.4.0 code.gitea.io/actions-proto-go v0.4.0

View file

@ -0,0 +1 @@
CVE-2024-24788: a malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.