fix(deps): update module golang.org/x/crypto to v0.45.0 [security] by renovate[bot] · Pull Request #71 · datum-cloud/workload-operator

renovate · 2025-11-20T02:37:14Z

This PR contains the following updates:

Package	Change	Age	Confidence
golang.org/x/crypto	`v0.39.0` → `v0.45.0`

GitHub Vulnerability Alerts

CVE-2025-58181

SSH servers parsing GSSAPI authentication requests do not validate the number of mechanisms specified in the request, allowing an attacker to cause unbounded memory consumption.

CVE-2025-47914

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

renovate · 2025-11-20T02:37:15Z

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

6 additional dependencies were updated

Details:

Package	Change
`golang.org/x/sync`	`v0.15.0` -> `v0.18.0`
`golang.org/x/net`	`v0.41.0` -> `v0.47.0`
`golang.org/x/sys`	`v0.33.0` -> `v0.38.0`
`golang.org/x/term`	`v0.32.0` -> `v0.37.0`
`golang.org/x/text`	`v0.26.0` -> `v0.31.0`
`golang.org/x/tools`	`v0.33.0` -> `v0.38.0`

renovate · 2025-12-15T18:35:40Z

ℹ️ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

6 additional dependencies were updated

Details:

Package	Change
`golang.org/x/sync`	`v0.15.0` -> `v0.18.0`
`golang.org/x/net`	`v0.41.0` -> `v0.47.0`
`golang.org/x/sys`	`v0.33.0` -> `v0.38.0`
`golang.org/x/term`	`v0.32.0` -> `v0.37.0`
`golang.org/x/text`	`v0.26.0` -> `v0.31.0`
`golang.org/x/tools`	`v0.33.0` -> `v0.38.0`

cla-assistant · 2026-03-30T21:18:25Z

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

cla-assistant · 2026-03-30T21:18:25Z

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

cla-assistant · 2026-03-30T21:18:27Z

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

renovate bot changed the title ~~fix(deps): update module golang.org/x/crypto to v0.45.0 [security]~~ fix(deps): update module golang.org/x/crypto to v0.45.0 [security] - autoclosed Mar 27, 2026

renovate bot closed this Mar 27, 2026

renovate bot deleted the renovate/go-golang.org-x-crypto-vulnerability branch March 27, 2026 01:48

fix(deps): update module golang.org/x/crypto to v0.45.0 [security]

cf8883f

renovate bot changed the title ~~fix(deps): update module golang.org/x/crypto to v0.45.0 [security] - autoclosed~~ fix(deps): update module golang.org/x/crypto to v0.45.0 [security] Mar 30, 2026

renovate bot reopened this Mar 30, 2026

renovate bot force-pushed the renovate/go-golang.org-x-crypto-vulnerability branch 2 times, most recently from 05f330b to cf8883f Compare March 30, 2026 21:18

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(deps): update module golang.org/x/crypto to v0.45.0 [security]#71

fix(deps): update module golang.org/x/crypto to v0.45.0 [security]#71
renovate[bot] wants to merge 1 commit intomainfrom
renovate/go-golang.org-x-crypto-vulnerability

renovate bot commented Nov 20, 2025 •

edited

Loading

Uh oh!

renovate bot commented Nov 20, 2025

Uh oh!

renovate bot commented Dec 15, 2025

Uh oh!

cla-assistant bot commented Mar 30, 2026

Uh oh!

cla-assistant bot commented Mar 30, 2026

Uh oh!

cla-assistant bot commented Mar 30, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

renovate bot commented Nov 20, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

GitHub Vulnerability Alerts

CVE-2025-58181

CVE-2025-47914

Configuration

Uh oh!

renovate bot commented Nov 20, 2025

ℹ Artifact update notice

File name: go.mod

Uh oh!

renovate bot commented Dec 15, 2025

ℹ️ Artifact update notice

File name: go.mod

Uh oh!

cla-assistant bot commented Mar 30, 2026

Uh oh!

cla-assistant bot commented Mar 30, 2026

Uh oh!

cla-assistant bot commented Mar 30, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

renovate bot commented Nov 20, 2025 •

edited

Loading