Skip to content

Backport: fix: mitigate CVEs based on report 2026-06-29 (#136)#147

Merged
diafour merged 2 commits into
v1.6.2-virtualization-1.8from
dvp/cve-migitation-2026-06-29-for-release-1.8
Jul 9, 2026
Merged

Backport: fix: mitigate CVEs based on report 2026-06-29 (#136)#147
diafour merged 2 commits into
v1.6.2-virtualization-1.8from
dvp/cve-migitation-2026-06-29-for-release-1.8

Conversation

@diafour

@diafour diafour commented Jul 7, 2026

Copy link
Copy Markdown
Member

What this PR does

Backport PR #136 to use with virtualization module release-1.8.

References

See also: deckhouse/virtualization#26??

LopatinDmitr and others added 2 commits July 7, 2026 17:54
Signed-off-by: Dmitry Lopatin <dmitry.lopatin@flant.com>
Backport for release 1.9.

* fix: mitigate CVEs based on report 2026-06-29

Updated CVE-related replacements
- golang.org/x/crypto -> v0.52.0
- golang.org/x/net -> v0.55.0
- golang.org/x/oauth2 -> v0.34.0
- Go 1.24 -> Go 1.25

See deckhouse/virtualization#2557

Signed-off-by: Ivan Mikheykin <ivan.mikheykin@flant.com>
@diafour diafour merged commit 9e71561 into v1.6.2-virtualization-1.8 Jul 9, 2026
3 checks passed
@diafour diafour deleted the dvp/cve-migitation-2026-06-29-for-release-1.8 branch July 9, 2026 08:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants