Skip to content

Commit c6bece0

Browse files
Divyanshu Agrawalclaude
andcommitted
fix(cve): CVE-2026-32280, CVE-2026-32281 - update Go from 1.25.8 to 1.25.9
- Update Go from 1.25.8 to 1.25.9 to address Go stdlib vulnerabilities - CVE-2026-32280 (CVSS 7.5 HIGH): crypto/x509 DoS via certificate chain building All Go versions < 1.25.9 affected; fixed in 1.25.9 - CVE-2026-32281 (CVSS 7.5 HIGH): crypto/x509 DoS via inefficient certificate chain validation; fixed in Go 1.25.9 Changes: - go.mod: go 1.25.8 → go 1.25.9 - go mod tidy, go mod verify, go mod vendor completed Resolves: SRVKP-12045, SRVKP-12003 Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
1 parent d6b0e56 commit c6bece0

3 files changed

Lines changed: 1 addition & 403 deletions

File tree

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/tektoncd/cli
22

3-
go 1.25.8
3+
go 1.25.9
44

55
require (
66
github.com/AlecAivazis/survey/v2 v2.3.7

vendor/github.com/alibabacloud-go/cr-20160607/LICENSE

Lines changed: 0 additions & 201 deletions
This file was deleted.

0 commit comments

Comments
 (0)