Skip to content

Update golang dependencies#145

Open
djoreilly wants to merge 1 commit into
SUSE:sensor-base-0.7.0from
djoreilly:golang-cve-fixes
Open

Update golang dependencies#145
djoreilly wants to merge 1 commit into
SUSE:sensor-base-0.7.0from
djoreilly:golang-cve-fixes

Conversation

@djoreilly
Copy link
Copy Markdown

@djoreilly djoreilly commented May 29, 2026

Update the following:

  • go 1.24.0 => 1.25.0
  • github.com/go-jose/go-jose/v3 v3.0.4 -> v3.0.5
  • github.com/cloudflare/circl v1.3.7 -> v1.6.3
  • golang.org/x/crypto v0.46.0 -> v0.52.0
  • golang.org/x/net v0.48.0 -> v0.55.0
  • github.com/russellhaering/goxmldsig v1.3.0 -> v1.6.0
    Includes fixes for the following vulnerabilities:
  • CVE-2026-34986 (bsc#1262841)
  • CVE-2026-1229 (bsc#1265479)
  • CVE-2026-33814 (bsc#1265650)
  • CVE-2026-39827 (bsc#1266059)
  • CVE-2026-39834 (bsc#1266059)
  • CVE-2026-39828 (bsc#1266059)
  • CVE-2026-39829 (bsc#1266059)
  • CVE-2026-39831 (bsc#1266059)
  • CVE-2026-42508 (bsc#1266059)
  • CVE-2026-39833 (bsc#1266059)
  • CVE-2026-39830 (bsc#1266059)
  • CVE-2026-39832 (bsc#1266059)
  • CVE-2026-46597 (bsc#1266059)
  • CVE-2026-46598 (bsc#1266059)
  • CVE-2026-46595 (bsc#1266059)
  • CVE-2026-39835 (bsc#1266059)
  • CVE-2026-39821 (bsc#1266489)
  • CVE-2026-33487

@djoreilly
Update golang dependencies
8657320 
Update the following:
  * go 1.24.0 => 1.25.0
  * github.com/go-jose/go-jose/v3 v3.0.4 -> v3.0.5
  * github.com/cloudflare/circl v1.3.7 -> v1.6.3
  * golang.org/x/crypto v0.46.0 -> v0.52.0
  * golang.org/x/net v0.48.0 -> v0.55.0
  * github.com/russellhaering/goxmldsig v1.3.0 -> v1.6.0
Includes fixes for the following vulnerabilities:
  * CVE-2026-34986 (bsc#1262841)
  * CVE-2026-1229 (bsc#1265479)
  * CVE-2026-33814 (bsc#1265650)
  * CVE-2026-39827 (bsc#1266059)
  * CVE-2026-39834 (bsc#1266059)
  * CVE-2026-39828 (bsc#1266059)
  * CVE-2026-39829 (bsc#1266059)
  * CVE-2026-39831 (bsc#1266059)
  * CVE-2026-42508 (bsc#1266059)
  * CVE-2026-39833 (bsc#1266059)
  * CVE-2026-39830 (bsc#1266059)
  * CVE-2026-39832 (bsc#1266059)
  * CVE-2026-46597 (bsc#1266059)
  * CVE-2026-46598 (bsc#1266059)
  * CVE-2026-46595 (bsc#1266059)
  * CVE-2026-39835 (bsc#1266059)
  * CVE-2026-39821 (bsc#1266489)
  * CVE-2026-33487
@djoreilly djoreilly requested a review from xTeixeira May 29, 2026 12:49
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@xTeixeira xTeixeira Awaiting requested review from xTeixeira

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@djoreilly