rancher
/
elemental-operator
mirror of https://github.com/rancher/elemental-operator.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
elemental-operator/vendor
History
Francesco Giudici 43f3b00193
Bump libraries to incorporate CVE fixes (#913) 
* Bump libraries to incorporate CVE fixes

Bump golang.org/x/net to cover CVE-2025-22870 and fix bsc#1238700.
Bump golang.org/x/crypto to cover CVE-2025-22869 and fix bsc#1239335.

In addition and as a requirement of the new x/crypto library go is bumped to 1.23

Signed-off-by: David Cassany <dcassany@suse.com>

* Dockerfile: bump golang container to 1.24 (#912)

Required since vendored x/crypto lib requires go ver >= 1.23

Related to #dd41431b0b2792f0fca005adf3abc3cf471877c4

Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>

* CVE-2025-22872

Bump golang.org/x/net
https://github.com/advisories/GHSA-vvgc-356p-c3xw

Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>

* go mod vendor

Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>

---------

Signed-off-by: David Cassany <dcassany@suse.com>
Signed-off-by: Francesco Giudici <francesco.giudici@suse.com>
Co-authored-by: David Cassany <dcassany@suse.com>
 		2025-06-16 11:01:16 +02:00
..
github.com Build e2e chart locally (#852) 2024-10-01 12:54:40 +00:00
go.opentelemetry.io
go.uber.org
golang.org/x Bump libraries to incorporate CVE fixes (#913) 2025-06-16 11:01:16 +02:00
gomodules.xyz/jsonpatch/v2
google.golang.org
gopkg.in
gotest.tools/v3
howett.net/plist
k8s.io
sigs.k8s.io
modules.txt Bump libraries to incorporate CVE fixes (#913) 2025-06-16 11:01:16 +02:00