Update RUNNER_IMAGES_VERSION to 0.0.34 to fix CVE-2025-45582

Ashvin Sharma · Ashvin Sharma · commit fec159949c6d · 2026-01-20T18:29:46.000+05:30
Bumps base images to include patched tar (1.34-9.el9_7) which
fixes a directory traversal vulnerability in GNU Tar.

Changelog: security
diff --git a/.gitlab/ci/_common.gitlab-ci.yml b/.gitlab/ci/_common.gitlab-ci.yml
@@ -4,7 +4,7 @@ variables:
   # or the 'docs:check development docs Go version' job will fail
   GO_VERSION: "1.25.5"
   RUNNER_IMAGES_REGISTRY: registry.gitlab.com/gitlab-org/ci-cd/runner-tools/base-images
-  RUNNER_IMAGES_VERSION: "0.0.32"
+  RUNNER_IMAGES_VERSION: "0.0.34"
   RUNNER_IMAGES_WINDOWS_GO_URL: https://gitlab.com/api/v4/projects/gitlab-org%2fci-cd%2frunner-tools%2fbase-images/packages/generic/runner-images/v${RUNNER_IMAGES_VERSION}/golang-windows-amd64.zip
   CI_IMAGE: "${RUNNER_IMAGES_REGISTRY}/ci:${RUNNER_IMAGES_VERSION}"
   DOCS_LINT_IMAGE: registry.gitlab.com/gitlab-org/technical-writing/docs-gitlab-com/lint-markdown:alpine-3.22-vale-3.13.0-markdownlint2-0.19.0-lychee-0.21.0
