Skip to content

v1.1.3

Latest
Latest

Choose a tag to compare

View all tags
@mazrean mazrean released this 09 Nov 12:37
· 7 commits to main since this release
v1.1.3
fb4ab0a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Security Fixes

🔒 Fixed critical temporary file cleanup vulnerability - Temporary files created during multipart form parsing are now properly cleaned up from disk, preventing:

  • Information disclosure of sensitive uploaded data
  • Disk space exhaustion from accumulated temp files
  • File descriptor leaks in error scenarios

Documentation

  • Updated README with support information for GMO FlattSecurity's OSS Developer Support Program
  • Added GMO OSS badge to README

Dependency Updates

  • Bumped github.com/labstack/echo/v4 from 4.13.3 to 4.13.4
  • Bumped go.uber.org/mock from 0.5.0 to 0.6.0
  • Bumped github.com/gin-gonic/gin from 1.10.0 to 1.11.0
  • Bumped golang.org/x/sync from 0.10.0 to 0.17.0
  • Updated GitHub Actions dependencies (checkout, setup-go, upload-artifact, golangci-lint, codecov)

Full Changelog

Full Changelog: v1.1.2...v1.1.3

Assets 2
Loading