From f3045f0519e0b072dbc574372179267ebe175a79 Mon Sep 17 00:00:00 2001
From: Earl Warren <contact@earl-warren.org>
Date: Wed, 8 May 2024 14:21:20 +0200
Subject: [PATCH] fix(security): CVE-2024-24788 malformed DNS message

Refs: https://pkg.go.dev/vuln/GO-2024-2824
---
 go.mod                      | 2 +-
 release-notes/8.0.0/3671.md | 1 +
 2 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 release-notes/8.0.0/3671.md

diff --git a/go.mod b/go.mod
index 4c72a35b97..5a18bfac0c 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module code.gitea.io/gitea
 
-go 1.22.2
+go 1.22.3
 
 require (
 	code.gitea.io/actions-proto-go v0.4.0
diff --git a/release-notes/8.0.0/3671.md b/release-notes/8.0.0/3671.md
new file mode 100644
index 0000000000..4989ba310e
--- /dev/null
+++ b/release-notes/8.0.0/3671.md
@@ -0,0 +1 @@
+CVE-2024-24788: a malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.