Update Go version to 1.25.5 to address CVE-2025-61729 (cloudfoundry#3682) (cloudfoundry#3689)

prkalle · navinms711 · jochenehret · commit a68e093c7c0e · 2026-02-10T08:57:13.000+01:00
CVE-2025-61729 (GO-2025-4155) is a high-severity vulnerability affecting Go versions < 1.24.11 and 1.25.0-1.25.4. The vulnerability causes excessive resource consumption in printing error strings for host certificate validation. This commit updates the Go version from 1.25.4 to 1.25.5, which includes the fix for this CVE. Reference: https://nvd.nist.gov/vuln/detail/CVE-2025-61729 Co-authored-by: Naveen Sreeramachandra <naveen.sreeramachandra@broadcom.com>
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module code.cloudfoundry.org/cli/v8
 
-go 1.25.4
+go 1.25.5
 
 require (
 	code.cloudfoundry.org/bytefmt v0.61.0
