sam_oneal/pulumi-docker-build
1
0
Fork 0
Code Actions Packages Releases Wiki Activity

Update module golang.org/x/crypto to v0.45.0 [SECURITY] (#668)

Browse Source 
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| golang.org/x/crypto | require | minor | `v0.39.0` -> `v0.45.0` |

### GitHub Vulnerability Alerts

#### [CVE-2025-58181](https://nvd.nist.gov/vuln/detail/CVE-2025-58181)

SSH servers parsing GSSAPI authentication requests do not validate the
number of mechanisms specified in the request, allowing an attacker to
cause unbounded memory consumption.

---

### Configuration

📅 **Schedule**: Branch creation - "" (UTC), Automerge - Monday through
Friday ( * * * * 1-5 ) (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4yNjQuMCIsInVwZGF0ZWRJblZlciI6IjM5LjI2NC4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJpbXBhY3Qvbm8tY2hhbmdlbG9nLXJlcXVpcmVkIl19-->

---------

Co-authored-by: pulumi-renovate[bot] <189166143+pulumi-renovate[bot]@users.noreply.github.com>
Co-authored-by: pulumi-bot <bot@pulumi.com>
This commit is contained in:
pulumi-renovate[bot]
2025-11-20 02:14:14 +00:00
committed by GitHub
parent 32ecb82eb6
commit b1e526630c
4 changed files with 60 additions and 50 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
go.mod
View File

@@ -34,7 +34,7 @@ require (
go.opentelemetry.io/otel/sdk v1.36.0
go.opentelemetry.io/otel/trace v1.36.0
go.uber.org/mock v0.5.2
golang.org/x/crypto v0.39.0
golang.org/x/crypto v0.45.0
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0
google.golang.org/protobuf v1.36.6
gopkg.in/yaml.v3 v3.0.1
@@ -432,7 +432,7 @@ require (
github.com/yagipy/maintidx v1.0.0 // indirect
github.com/yeya24/promlinter v0.3.0 // indirect
github.com/ykadowak/zerologlint v0.1.5 // indirect
github.com/yuin/goldmark v1.5.2 // indirect
github.com/yuin/goldmark v1.7.13 // indirect
github.com/yuin/goldmark-emoji v1.0.1 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
github.com/zclconf/go-cty v1.16.3 // indirect
@@ -460,15 +460,18 @@ require (
gocloud.dev v0.37.0 // indirect
gocloud.dev/secrets/hashivault v0.37.0 // indirect
golang.org/x/exp/typeparams v0.0.0-20240314144324-c7f7c6466f7f // indirect
golang.org/x/mod v0.25.0 // indirect
golang.org/x/net v0.40.0 // indirect
golang.org/x/mod v0.29.0 // indirect
golang.org/x/net v0.47.0 // indirect
golang.org/x/oauth2 v0.30.0 // indirect
golang.org/x/sync v0.15.0 // indirect
golang.org/x/sys v0.33.0 // indirect
golang.org/x/term v0.32.0 // indirect
golang.org/x/text v0.26.0 // indirect
golang.org/x/sync v0.18.0 // indirect
golang.org/x/sys v0.38.0 // indirect
golang.org/x/term v0.37.0 // indirect
golang.org/x/text v0.31.0 // indirect
golang.org/x/time v0.6.0 // indirect
golang.org/x/tools v0.33.0 // indirect
golang.org/x/tools v0.38.0 // indirect
golang.org/x/tools/go/expect v0.1.1-deprecated // indirect
golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated // indirect
golang.org/x/tools/godoc v0.1.0-deprecated // indirect
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
google.golang.org/api v0.169.0 // indirect
google.golang.org/genproto v0.0.0-20240311173647-c811ad7063a7 // indirect