From 0d7e0a15ab0a1e2448c992c5b1885412d41e2e12 Mon Sep 17 00:00:00 2001 From: Brian Flad Date: Fri, 8 Mar 2024 09:07:22 -0500 Subject: [PATCH] Update CHANGELOG for #385 (#387) --- .changes/unreleased/NOTES-20240307-092813.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 .changes/unreleased/NOTES-20240307-092813.yaml diff --git a/.changes/unreleased/NOTES-20240307-092813.yaml b/.changes/unreleased/NOTES-20240307-092813.yaml new file mode 100644 index 000000000..20baf9527 --- /dev/null +++ b/.changes/unreleased/NOTES-20240307-092813.yaml @@ -0,0 +1,8 @@ +kind: NOTES +body: 'all: Upgraded google.golang.org/protobuf dependency, which includes a fix for + CVE-2024-24786. While the fixed feature is not used in this Go module, this + upgrade may silence security vulnerability scanner reports that are based purely + on dependency versions.' +time: 2024-03-07T09:28:13.859378-05:00 +custom: + Issue: "385"