fix(security): CVE-2024-24788 malformed DNS message

Refs: https://pkg.go.dev/vuln/GO-2024-2824
(cherry picked from commit f3045f0519e0b072dbc574372179267ebe175a79)
This commit is contained in:
Earl Warren 2024-05-08 14:21:20 +02:00 committed by GitHub
parent dd3487dbbf
commit 696ed328fb
2 changed files with 2 additions and 1 deletions

2
go.mod
View file

@ -1,6 +1,6 @@
module code.gitea.io/gitea
go 1.22.2
go 1.22.3
require (
code.gitea.io/actions-proto-go v0.4.0

View file

@ -0,0 +1 @@
CVE-2024-24788: a malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.