Commit 2a8ee4c
fix(deps): bump go-redis v9.6.1→v9.6.3 (GO-2025-3540)
govulncheck on b6b1851 flagged GO-2025-3540 in github.com/redis/go-redis/v9:
"Potential out of order responses when CLIENT SETINFO times out during
connection establishment" — reachable via redis.LocalBackend.Deprovision
in internal/backend/redis/local.go:261. Fixed in v9.6.3.
Missed in the earlier x/net + otel-sdk bump; this closes the third
reachable CVE on provisioner. Local make gate passes.
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>1 parent b6b1851 commit 2a8ee4c
2 files changed
Lines changed: 3 additions & 3 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
11 | 11 | | |
12 | 12 | | |
13 | 13 | | |
14 | | - | |
| 14 | + | |
15 | 15 | | |
16 | 16 | | |
17 | 17 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
142 | 142 | | |
143 | 143 | | |
144 | 144 | | |
145 | | - | |
146 | | - | |
| 145 | + | |
| 146 | + | |
147 | 147 | | |
148 | 148 | | |
149 | 149 | | |
| |||
0 commit comments