Skip to content

Commit d428353

Browse files
panman90panman90
authored
CVE update (#23443)
* version update for go-jose/v3 & go-jose/v4, cve suppression for linux alpine * updating go version
1 parent 1fc86cb commit d428353

File tree

16 files changed

+22
-17
lines changed

16 files changed

+22
-17
lines changed

.release/security-scan.hcl

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -47,7 +47,9 @@ container {
4747
"CVE-2025-14524",
4848
"CVE-2025-14819",
4949
"CVE-2025-30258",
50-
"CVE-2026-27171"
50+
"CVE-2026-27171",
51+
"GO-2026-4923",
52+
"GHSA-6jwv-w5xf-7j27"
5153
]
5254

5355
paths = [
@@ -97,7 +99,10 @@ binary {
9799
# periodically cleaned up to remove items that are no longer found by the scanner.
98100
triage {
99101
suppress {
100-
vulnerabilities = [ "GO-2026-4923" ]
102+
vulnerabilities = [
103+
"GO-2026-4923",
104+
"GHSA-6jwv-w5xf-7j27"
105+
]
101106

102107
paths = [
103108
"internal/tools/proto-gen-rpc-glue/e2e/consul/*",

api/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/hashicorp/consul/api
22

3-
go 1.25.8
3+
go 1.25.9
44

55
replace github.com/hashicorp/consul/sdk => ../sdk
66

envoyextensions/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/hashicorp/consul/envoyextensions
22

3-
go 1.25.8
3+
go 1.25.9
44

55
replace (
66
github.com/hashicorp/consul/api => ../api

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/hashicorp/consul
22

3-
go 1.25.8
3+
go 1.25.9
44

55
replace (
66
github.com/hashicorp/consul/api => ./api

internal/tools/proto-gen-rpc-glue/e2e/consul/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
module github.com/hashicorp/consul
22

3-
go 1.25.8
3+
go 1.25.9
44

55
require google.golang.org/protobuf v1.36.11

internal/tools/proto-gen-rpc-glue/e2e/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/hashicorp/consul/internal/tools/proto-gen-rpc-glue/e2e
22

3-
go 1.25.8
3+
go 1.25.9
44

55
replace github.com/hashicorp/consul => ./consul
66

internal/tools/proto-gen-rpc-glue/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/hashicorp/consul/internal/tools/proto-gen-rpc-glue
22

3-
go 1.25.8
3+
go 1.25.9
44

55
require github.com/stretchr/testify v1.8.4
66

internal/tools/protoc-gen-consul-rate-limit/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/hashicorp/consul/internal/tools/protoc-gen-consul-rate-limit
22

3-
go 1.25.8
3+
go 1.25.9
44

55
replace github.com/hashicorp/consul/proto-public => ../../../proto-public
66

proto-public/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/hashicorp/consul/proto-public
22

3-
go 1.25.8
3+
go 1.25.9
44

55
require (
66
google.golang.org/grpc v1.79.3

sdk/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/hashicorp/consul/sdk
22

3-
go 1.25.8
3+
go 1.25.9
44

55
require (
66
github.com/hashicorp/go-cleanhttp v0.5.2

0 commit comments

Comments
 (0)