You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
LD has opened this issue to let everyone know that we're aware of this vulnerability report, and we will release a patch version of our Docker image to address it as soon as possible.
It's our policy to make any necessary dependency/platform updates for such issues no matter what, but we also look into the details to determine how much of an actual risk these represent, if any, to Relay Proxy installations that are currently running. Here is our analysis:
This vulnerability in the zlib library does not affect the Relay Proxy itself. When the Relay Proxy expands compressed data, it uses the Go runtime's own implementation of gzip. The vulnerability would only apply if another process is run inside the container that expands an archive.
The text was updated successfully, but these errors were encountered:
LD has opened this issue to let everyone know that we're aware of this vulnerability report, and we will release a patch version of our Docker image to address it as soon as possible.
It's our policy to make any necessary dependency/platform updates for such issues no matter what, but we also look into the details to determine how much of an actual risk these represent, if any, to Relay Proxy installations that are currently running. Here is our analysis:
zliblibrary does not affect the Relay Proxy itself. When the Relay Proxy expands compressed data, it uses the Go runtime's own implementation ofgzip. The vulnerability would only apply if another process is run inside the container that expands an archive.The text was updated successfully, but these errors were encountered: