@@ -27,7 +27,7 @@ ARG EXPR_LANG_VERSION=1.17.8
2727# renovate: datasource=go depName=golang.org/x/net
2828ARG XNET_VERSION=0.55.0
2929# renovate: datasource=go depName=golang.org/x/crypto
30- ARG XCRYPTO_VERSION=0.52 .0
30+ ARG XCRYPTO_VERSION=0.53 .0
3131# renovate: datasource=npm depName=npm
3232ARG NPM_VERSION=11.16.0
3333
@@ -466,7 +466,7 @@ RUN go get github.com/expr-lang/expr@v${EXPR_LANG_VERSION} && \
466466 # renovate: datasource=go depName=github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream
467467 go get github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream@v1.7.13 && \
468468 # renovate: datasource=go depName=github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs
469- go get github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs@v1.75.1 && \
469+ go get github.com/aws/aws-sdk-go-v2/service/cloudwatchlogs@v1.75.2 && \
470470 go get github.com/aws/aws-sdk-go-v2/service/kinesis@v1.43.7 && \
471471 go get github.com/aws/aws-sdk-go-v2/service/s3@v1.102.1 && \
472472 # CVE-2026-32952: go-ntlmssp DoS via malicious NTLM challenge response
@@ -477,7 +477,7 @@ RUN go get github.com/expr-lang/expr@v${EXPR_LANG_VERSION} && \
477477 # Affects /usr/local/bin/crowdsec and /usr/local/bin/cscli (CrowdSec embeds quic-go v0.57.0).
478478 # Fix available at v0.59.1. Caddy already resolves v0.59.1 through its own graph.
479479 # renovate: datasource=go depName=github.com/quic-go/quic-go
480- go get github.com/quic-go/quic-go@v0.59.1 && \
480+ go get github.com/quic-go/quic-go@v0.60.0 && \
481481 # buger/jsonparser Delete() panic via negative slice index on malformed JSON.
482482 # Fix available at v1.2.0.
483483 # renovate: datasource=go depName=github.com/buger/jsonparser
0 commit comments