(In reply to Johannes Kastl from comment #2)
> Thanks for the report.
>
> As far as I can see, 0.192.0 uses a vulnerable version:
>
> $ grep gomarkdown go.mod
> github.com/gomarkdown/markdown v0.0.0-20230922112808-5421fefb8386 // indirect
> $
>
> Upstream is still using this version.
> https://github.com/eksctl-io/eksctl/blob/main/go.mod#L216
>
> Did anyone report this to upstream already?
>
> Kind Regards,
> Johannes

I don't think that this has been reported in the eksctl upstream, only in the gomarkdown/markdown upstream.