DFBUGS-1158: [release-4.16] Misuse of ServerConfig.PublicKeyCallback (CVE-2024-45337)

Update `golang.org.crypto` to `0.32.0` Signed-off-by: Niraj Yadav <niryadav@redhat.com>
2025-06-14 18:53:35 +00:00 · 2025-02-19 16:03:28 +05:30
parent a3424872fb
commit 1dabe902c6
156 changed files with 13385 additions and 3867 deletions
--- a/go.mod
+++ b/go.mod
@ -27,9 +27,9 @@ require (
 	github.com/pkg/xattr v0.4.9
 	github.com/prometheus/client_golang v1.18.0
 	github.com/stretchr/testify v1.9.0
-	golang.org/x/crypto v0.21.0
-	golang.org/x/net v0.22.0
-	golang.org/x/sys v0.20.0
+	golang.org/x/crypto v0.32.0
+	golang.org/x/net v0.25.0
+	golang.org/x/sys v0.29.0
 	google.golang.org/grpc v1.62.1
 	google.golang.org/protobuf v1.33.0
 	//
@ -161,11 +161,11 @@ require (
 	go.uber.org/zap v1.26.0 // indirect
 	golang.org/x/exp v0.0.0-20220827204233-334a2380cb91 // indirect
 	golang.org/x/oauth2 v0.16.0 // indirect
-	golang.org/x/sync v0.6.0 // indirect
-	golang.org/x/term v0.18.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/sync v0.10.0 // indirect
+	golang.org/x/term v0.28.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
 	golang.org/x/time v0.3.0 // indirect
-	golang.org/x/tools v0.16.1 // indirect
+	golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d // indirect
 	gomodules.xyz/jsonpatch/v2 v2.4.0 // indirect
 	google.golang.org/appengine v1.6.8 // indirect
 	google.golang.org/genproto v0.0.0-20240123012728-ef4313101c80 // indirect