Skip to content

Commit c8bbfeb

Browse files
LopatinDmitrLopatinDmitr
authored
chore(core): CVE mitigation 08-04-2026 (#2196)
chore(core): cve mitigation 08-04-2026 - Fix CVE-2026-32280 Unexpected work during chain building in crypto/x509 - Fix CVE-2026-32281 Inefficient policy validation in crypto/x509 - Fix CVE-2026-32282 TOCTOU permits root escape on Linux via Root.Chmod in os in internal/syscall/unix... - Fix CVE-2026-32283 Unauthenticated TLS 1.3 KeyUpdate record can cause persistent connection retention and DoS.. - Fix CVE-2026-32288 Unbounded allocation for old GNU sparse in archive/tar - Fix CVE-2026-32289 JsBraceDepth Context Tracking Bugs (XSS) in html/template Signed-off-by: Dmitry Lopatin <dmitry.lopatin@flant.com>
1 parent a8ef145 commit c8bbfeb

26 files changed

Lines changed: 84 additions & 69 deletions

File tree

.github/workflows/dev_module_build-and-registration.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -25,7 +25,7 @@ env:
2525
MODULES_MODULE_TAG: ${{ github.event.inputs.tag }}
2626
SOURCE_REPO: "${{secrets.SOURCE_REPO}}"
2727
SOURCE_REPO_GIT: "${{secrets.SOURCE_REPO_GIT}}"
28-
GO_VERSION: "1.25.8"
28+
GO_VERSION: "1.25.9"
2929
MODULE_EDITION: "EE"
3030

3131
on:

.github/workflows/dev_module_build.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,7 +21,7 @@ env:
2121
MODULES_MODULE_SOURCE: ${{ vars.DEV_MODULE_SOURCE }}
2222
MODULES_REGISTRY_LOGIN: ${{ vars.DEV_MODULES_REGISTRY_LOGIN }}
2323
MODULES_REGISTRY_PASSWORD: ${{ secrets.DEV_MODULES_REGISTRY_PASSWORD }}
24-
GO_VERSION: "1.25.8"
24+
GO_VERSION: "1.25.9"
2525
GOLANGCI_LINT_VERSION: "2.11.1"
2626
SOURCE_REPO: "${{secrets.SOURCE_REPO}}"
2727
SOURCE_REPO_GIT: "${{secrets.SOURCE_REPO_GIT}}"

.github/workflows/dev_validation.yaml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -15,7 +15,7 @@
1515
name: Validations
1616

1717
env:
18-
GO_VERSION: "1.25.8"
18+
GO_VERSION: "1.25.9"
1919
on:
2020
pull_request:
2121
types: [opened, synchronize, labeled, unlabeled]
@@ -137,9 +137,9 @@ jobs:
137137
matrix:
138138
# Define two groups of components with their respective Go versions
139139
components:
140-
- { component: virtualization-artifact, go-version: "1.25.8" }
141-
- { component: vm-route-forge, go-version: "1.25.8" }
142-
- { component: api, go-version: "1.25.8" }
140+
- { component: virtualization-artifact, go-version: "1.25.9" }
141+
- { component: vm-route-forge, go-version: "1.25.9" }
142+
- { component: api, go-version: "1.25.9" }
143143

144144
steps:
145145
- name: Set skip flag

.github/workflows/e2e-matrix.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -339,7 +339,7 @@ jobs:
339339
virtualization_tag: main
340340
deckhouse_channel: alpha
341341
default_user: cloud
342-
go_version: "1.25.8"
342+
go_version: "1.25.9"
343343
e2e_timeout: "3.5h"
344344
date_start: ${{ needs.set-vars.outputs.date_start }}
345345
randuuid4c: ${{ needs.set-vars.outputs.randuuid4c }}

.github/workflows/nightly_e2e_tests_ceph.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ env:
1818
CSI: rbd.csi.ceph.com
1919
STORAGE_CLASS_NAME: ceph-pool-r2-csi-rbd-immediate
2020
CI_COMMIT_REF_NAME: ${{ github.ref_name }}
21-
GO_VERSION: "1.25.8"
21+
GO_VERSION: "1.25.9"
2222
TIMEOUT: "3h"
2323

2424
on:

.github/workflows/nightly_e2e_tests_replicated.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ env:
1818
CSI: replicated.csi.storage.deckhouse.io
1919
STORAGE_CLASS_NAME: linstor-thin-r1
2020
CI_COMMIT_REF_NAME: ${{ github.ref_name }}
21-
GO_VERSION: "1.25.8"
21+
GO_VERSION: "1.25.9"
2222
TIMEOUT: "3h"
2323

2424
on:

.github/workflows/release_module_release-channels.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -117,7 +117,7 @@ jobs:
117117
needs: print-vars
118118
if: ${{ !inputs.check_only && (inputs.ce || inputs.ee) }}
119119
env:
120-
GO_VERSION: "1.25.8"
120+
GO_VERSION: "1.25.9"
121121
input_channel: ${{ github.event.inputs.channel }}
122122
input_version: ${{ github.event.inputs.tag }}
123123
steps:
@@ -411,7 +411,7 @@ jobs:
411411
name: Check version on release channel
412412
runs-on: ubuntu-latest
413413
env:
414-
GO_VERSION: "1.25.8"
414+
GO_VERSION: "1.25.9"
415415
input_channel: ${{ github.event.inputs.channel }}
416416
input_version: ${{ github.event.inputs.tag }}
417417
needs:

api/client/examples/cancel-evacuation/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/deckhouse/virtualization/api/client/examples/cancel-evacuation
22

3-
go 1.25.8
3+
go 1.25.9
44

55
require (
66
github.com/deckhouse/virtualization/api v1.6.1

api/client/examples/list-resources/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/deckhouse/virtualization/api/client/examples/list-resources
22

3-
go 1.25.8
3+
go 1.25.9
44

55
require (
66
github.com/deckhouse/virtualization/api v1.6.1

api/client/examples/resourceclaim/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/deckhouse/virtualization/api/client/examples/resourceclaim
22

3-
go 1.25.8
3+
go 1.25.9
44

55
require (
66
github.com/deckhouse/virtualization/api v1.6.1

0 commit comments

Comments
 (0)