Security vulnerability for golang needs to be patched. Per Mr. Heap, adding an issue in deck to it can be patched and released.