Bump Go version to 1.22.7 to get security fix

2024-09-10 10:56:23 +02:00 · 2024-09-10 10:56:23 +02:00 · 8dd5086adb
commit 8dd5086adb
parent 0aa39356f1
2 changed files with 3 additions and 1 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -14,6 +14,8 @@ bugs in actually-released versions.
  - [GO-2024-2937: Parsing a corrupt or malicious image with invalid color indices can cause a panic](https://pkg.go.dev/vuln/GO-2024-2937)
 - Web interface: list the job's worker tag in the job details.
 - Ensure the submitted scene is rendered in a multi-scene blend file.
+- Security updates of dependencies:
+  - [GO-2024-3106: Stack exhaustion in Decoder.Decode in encoding/gob](https://pkg.go.dev/vuln/GO-2024-3106)

 ## 3.5 - released 2024-04-16

--- a/go.mod
+++ b/go.mod
@ -1,6 +1,6 @@
 module projects.blender.org/studio/flamenco

-go 1.22.4
+go 1.22.7

 require (
 	github.com/adrg/xdg v0.4.0