Skip to content

🐛 Uplift go 1.24.8 to address security issue #2764

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Oct 8, 2025
Merged

🐛 Uplift go 1.24.8 to address security issue #2764

merged 1 commit into from
Oct 8, 2025
+2 −2

Conversation

smoshiur1237
Copy link
Contributor

Uplift go 1.24.8 to address the security vulnerabilities. These minor releases include PRIVATE security fixes to the standard library, covering the following CVEs: announcement
CVE-2025-61724
CVE-2025-61725
CVE-2025-58187
CVE-2025-61723
CVE-2025-47912
CVE-2025-58185
CVE-2025-58186
CVE-2025-58188
CVE-2025-58183

@netlify Netlify
Copy link

netlify bot commented Oct 8, 2025
edited
Loading

Deploy Preview for kubernetes-sigs-cluster-api-openstack ready!

Name Link
🔨 Latest commit 4a11173
🔍 Latest deploy log https://app.netlify.com/projects/kubernetes-sigs-cluster-api-openstack/deploys/68e63f7e0d3467000845bcff
😎 Deploy Preview https://deploy-preview-2764--kubernetes-sigs-cluster-api-openstack.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@k8s-ci-robot k8s-ci-robot added the cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. label Oct 8, 2025
@k8s-ci-robot k8s-ci-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Oct 8, 2025
lentzi90
lentzi90 reviewed Oct 8, 2025
View reviewed changes
Copy link
Contributor

@lentzi90 lentzi90 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve
/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 8, 2025
@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: lentzi90

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Oct 8, 2025
@k8s-ci-robot k8s-ci-robot merged commit 033f0ec into kubernetes-sigs:main Oct 8, 2025
12 checks passed
@github-project-automation github-project-automation bot moved this from Inbox to Done in CAPO Roadmap Oct 8, 2025
@lentzi90 lentzi90 deleted the update-go-security branch October 8, 2025 12:00
@lentzi90
Copy link
Contributor

lentzi90 commented Oct 8, 2025

/cherry-pick release-0.13

@k8s-infra-cherrypick-robot
Copy link

@lentzi90: #2764 failed to apply on top of branch "release-0.13":

Applying: Uplift go 1.24.8 to address security issue
Using index info to reconstruct a base tree...
M	Dockerfile
M	Makefile
Falling back to patching base and 3-way merge...
Auto-merging Makefile
Auto-merging Dockerfile
CONFLICT (content): Merge conflict in Dockerfile
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
hint: When you have resolved this problem, run "git am --continue".
hint: If you prefer to skip this patch, run "git am --skip" instead.
hint: To restore the original branch and stop patching, run "git am --abort".
hint: Disable this message with "git config advice.mergeConflict false"
Patch failed at 0001 Uplift go 1.24.8 to address security issue

In response to this:

/cherry-pick release-0.13

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

@smoshiur1237
Copy link
Contributor Author

I am doing manual cherry-pick

@smoshiur1237 smoshiur1237 mentioned this pull request Oct 8, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lentzi90 lentzi90 lentzi90 left review comments

@EmilienM EmilienM Awaiting requested review from EmilienM

Assignees

@lentzi90 lentzi90

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

CAPO Roadmap
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@smoshiur1237 @k8s-ci-robot @lentzi90 @k8s-infra-cherrypick-robot