New nsc version inlcuding latest nkeys vuln patch
Closed this issue · 2 comments
rubur-webbeds commented
What motivated this proposal?
Our scanner detects the vulnerability CVE-2023-46129 in the package github.com/nats-io/nkeys
. From this PR #622 we see the new version is there, but not released yet.
What is the proposed change?
Release a new nsc
version including the patch.
Thank you
Who benefits from this change?
No response
What alternatives have you evaluated?
No response
aricart commented
working on that.
aricart commented
I just released 2.8.3 - noticed that the 2.8.2 release was staged but not published. v2.8.3 should be happy with the CVE scans!.