Skip to content

CVE-2025-61729, CVE-2025-66506: Bump Go & modules#2326

Open
k37y wants to merge 1 commit intoopenshift:masterfrom
k37y:cve-2025-61729-66506
Open

CVE-2025-61729, CVE-2025-66506: Bump Go & modules#2326
k37y wants to merge 1 commit intoopenshift:masterfrom
k37y:cve-2025-61729-66506

Conversation

@k37y
Copy link
Copy Markdown
Contributor

@k37y k37y commented Feb 9, 2026

go get golang.org/x/crypto@v0.43.0
go get github.com/sigstore/fulcio@v1.8.3
go mod tidy
go mod vendor

@openshift-ci-robot
Copy link
Copy Markdown
Contributor

openshift-ci-robot commented Feb 9, 2026

@k37y: No Jira issue with key CVE-2025 exists in the tracker at https://issues.redhat.com/.
Once a valid jira issue is referenced in the title of this pull request, request a refresh with /jira refresh.

Details

In response to this:

go get golang.org/x/crypto@v0.43.0
go get github.com/sigstore/fulcio@v1.8.3
go mod tidy
go mod vendor

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

1 similar comment
@openshift-ci-robot
Copy link
Copy Markdown
Contributor

openshift-ci-robot commented Feb 9, 2026

@k37y: No Jira issue with key CVE-2025 exists in the tracker at https://issues.redhat.com/.
Once a valid jira issue is referenced in the title of this pull request, request a refresh with /jira refresh.

Details

In response to this:

go get golang.org/x/crypto@v0.43.0
go get github.com/sigstore/fulcio@v1.8.3
go mod tidy
go mod vendor

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository.

@openshift-ci openshift-ci Bot requested review from jkhelil and prdhamdh February 9, 2026 10:47
@openshift-ci
Copy link
Copy Markdown
Contributor

openshift-ci Bot commented Feb 9, 2026

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: k37y

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@openshift-ci openshift-ci Bot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 9, 2026
@k37y
Copy link
Copy Markdown
Contributor Author

k37y commented Feb 9, 2026

/hold

@openshift-ci openshift-ci Bot added the do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command. label Feb 9, 2026
@k37y k37y force-pushed the cve-2025-61729-66506 branch from 3cc8330 to 608a558 Compare February 10, 2026 01:13
@openshift-merge-robot openshift-merge-robot added the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 10, 2026
@k37y
CVE-2025-61729, CVE-2025-66506: Bump Go & modules
4a5854f 
go get golang.org/x/crypto@v0.43.0
go get github.com/sigstore/fulcio@v1.8.3
go mod tidy
go mod vendor

Signed-off-by: Vinu K <kevy.vinu@gmail.com>
@k37y k37y force-pushed the cve-2025-61729-66506 branch from 608a558 to 4a5854f Compare February 12, 2026 06:22
@openshift-merge-robot openshift-merge-robot removed the needs-rebase Indicates a PR cannot be merged because it has merge conflicts with HEAD. label Feb 12, 2026
@openshift-ci
Copy link
Copy Markdown
Contributor

openshift-ci Bot commented Feb 12, 2026

@k37y: The following test failed, say /retest to rerun all failed tests or /retest-required to rerun all mandatory failed tests:

Test name Commit Details Required Rerun command
ci/prow/security 4a5854f link false /test security

Full PR test history. Your PR dashboard.

Details

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jkhelil jkhelil Awaiting requested review from jkhelil

@prdhamdh prdhamdh Awaiting requested review from prdhamdh

Assignees

No one assigned

Labels

approved Indicates a PR has been approved by an approver from all required OWNERS files. do-not-merge/hold Indicates that a PR should not merge because someone has issued a /hold command.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@k37y @openshift-ci-robot @openshift-merge-robot