Adress CVE-2024-6104 in github.com/hashicorp/go-retryablehttp
What does this MR do?
Adress CVE-2024-6104 in github.com/hashicorp/go-retryablehttp
Bumping the version from v0.7.5
to v0.7.7
fixes this medium severity
vulnerability.
Why was this MR needed?
To be less vulnerable.
What's the best way to test this MR?
Run trivy / grype against the binary / image.
What are the relevant issue numbers?
https://nvd.nist.gov/vuln/detail/CVE-2024-6104
closes: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/37832
closes: https://gitlab.com/gitlab-org/gitlab-runner/-/issues/37833