From 868c103b9ff3e8fefa894d9474f1bba6a6e83606 Mon Sep 17 00:00:00 2001 From: Clay Kauzlaric Date: Thu, 12 Mar 2020 16:26:13 -0700 Subject: [PATCH] Bump golang crypto package * In response to a recent [CVE](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9283), we would like to bump the cryto package to contain this [fix](https://github.com/golang/crypto/commit/bac4c82f6975) cc @ameowlia @adobley @bruce-ricard --- go.mod | 4 +++- go.sum | 2 ++ 2 files changed, 5 insertions(+), 1 deletion(-) diff --git a/go.mod b/go.mod index 34cad74..b16c147 100644 --- a/go.mod +++ b/go.mod @@ -1,3 +1,5 @@ module github.com/nats-io/nkeys -require golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 +go 1.14 + +require golang.org/x/crypto v0.0.0-20200311171314-f7b00557c8c4 diff --git a/go.sum b/go.sum index b75b87f..ac8cd78 100644 --- a/go.sum +++ b/go.sum @@ -1,6 +1,8 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4 h1:HuIa8hRrWRSrqYzx1qI49NNxhdi2PrY7gxVSq1JjLDc= golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= +golang.org/x/crypto v0.0.0-20200311171314-f7b00557c8c4 h1:QmwruyY+bKbDDL0BaglrbZABEali68eoMFhTZpCjYVA= +golang.org/x/crypto v0.0.0-20200311171314-f7b00557c8c4/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=