[security] golang.org/x/oauth2 fix pre-announcement

29 views
Skip to first unread message

anno...@golang.org

unread,
Feb 19, 2025, 6:19:13 PMFeb 19
to golan...@googlegroups.com

Hello gophers,

We plan to issue a security fix for the package golang.org/x/oauth2/jws in the golang.org/x/oauth2 module during US business hours on Monday, February 24.

This will cover the following CVEs:

  • CVE-2025-22868

Following our security policy, this is the pre-announcement of the fix.

Thanks,
The Go team

Reply all
Reply to author
Forward
0 new messages