Thanks for pointing this out! Here's a bit more information:
This patch release upgrades the Go version used in Fleet to address
CVE-2022-41720 and
CVE-2022-41717. While we believe these to be low-no impact to Fleet instances, we'd like you to avoid potential Denial of Service attacks or unrestricted file system access and feel that this is an important security fix.
cc:
@zwass