Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update golang/x/crypto to 0.17.0 #35858

Merged
merged 1 commit into from Dec 18, 2023
Merged

Update golang/x/crypto to 0.17.0 #35858

merged 1 commit into from Dec 18, 2023

Conversation

jentfoo
Copy link
Contributor

@jentfoo jentfoo commented Dec 18, 2023

This updates crypto across all go.mod files in teleport to address CVE-2023-48795.

@jentfoo jentfoo added security Security Issues go Issues related to Go builds/tooling dependencies Pull requests that update a dependency file no-changelog Indicates that a PR does not require a changelog entry labels Dec 18, 2023
@jentfoo jentfoo self-assigned this Dec 18, 2023
@codingllama
Copy link
Contributor

I've just landed #35844, but I didn't touch the indirects.

@jentfoo
Copy link
Contributor Author

jentfoo commented Dec 18, 2023

Thanks for getting on that @codingllama. We should still land this one in addition to get indirect updates.

@jentfoo
Update golang/x/crypto to 0.17.0
89d38ff 
This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.
@codingllama
Copy link
Contributor

That's fine. Please rebase so we don't see duplicate changes.

@jentfoo jentfoo requested a review from tigrato December 18, 2023 19:40
codingllama
codingllama approved these changes Dec 18, 2023
View reviewed changes
Copy link
Contributor

@codingllama codingllama left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@codingllama
Copy link
Contributor

codingllama commented Dec 18, 2023
edited

I recommend doing the backports manually, with the same go get / go mod tidy combo you ran to create this one. The bot backport will likely just cause problems for you.

@jentfoo
Copy link
Contributor Author

jentfoo commented Dec 18, 2023

I plan to do the backport manually, I just like to always include the labels to show my intention

@jentfoo jentfoo added this pull request to the merge queue Dec 18, 2023
Merged via the queue into master with commit 06f5501 Dec 18, 2023
33 checks passed
@jentfoo jentfoo deleted the jent/golang_crypto_update branch December 18, 2023 20:26
@public-teleport-github-review-bot
Copy link

@jentfoo See the table below for backport results.

Branch Result
branch/v12 Failed
branch/v13 Failed
branch/v14 Failed

jentfoo added a commit that referenced this pull request Dec 19, 2023
@jentfoo
Update golang/x/crypto to 0.17.0 (#35858)
9eb77d0 
This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.
jentfoo added a commit that referenced this pull request Dec 19, 2023
@jentfoo
Update golang/x/crypto to 0.17.0 (#35858)
bb50607 
This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.
jentfoo added a commit that referenced this pull request Dec 19, 2023
@jentfoo
Update golang/x/crypto to 0.17.0 (#35858)
0163d4d 
This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.
This was referenced Dec 19, 2023
Merged
Merged
Merged
github-merge-queue bot pushed a commit that referenced this pull request Dec 19, 2023
@jentfoo @codingllama
[v13] Bump golang.org/x/crypto to v0.17.0 (#35878)
c248fee 
* chore: Bump golang.org/x/crypto to v0.17.0 (#35844)

* chore: Bump golang.org/x/crypto to v0.17.0

Update to latest release / security patch.

* https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg/m/ZOwFpYq3AAAJ

* Bump api/go.mod

* Update golang/x/crypto to 0.17.0 (#35858)

This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.

---------

Co-authored-by: Alan Parra <alan.parra@goteleport.com>
github-merge-queue bot pushed a commit that referenced this pull request Dec 19, 2023
@jentfoo @codingllama
[v12] Bump golang.org/x/crypto to v0.17.0 (#35877)
e83650e 
* chore: Bump golang.org/x/crypto to v0.17.0 (#35844)

* chore: Bump golang.org/x/crypto to v0.17.0

Update to latest release / security patch.

* https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg/m/ZOwFpYq3AAAJ

* Bump api/go.mod

* Update golang/x/crypto to 0.17.0 (#35858)

This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.

---------

Co-authored-by: Alan Parra <alan.parra@goteleport.com>
github-merge-queue bot pushed a commit that referenced this pull request Dec 19, 2023
@jentfoo @codingllama
[v14] Bump golang.org/x/crypto to v0.17.0 (#35879)
c2b8825 
* chore: Bump golang.org/x/crypto to v0.17.0 (#35844)

* chore: Bump golang.org/x/crypto to v0.17.0

Update to latest release / security patch.

* https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg/m/ZOwFpYq3AAAJ

* Bump api/go.mod

* Update golang/x/crypto to 0.17.0 (#35858)

This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.

---------

Co-authored-by: Alan Parra <alan.parra@goteleport.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codingllama codingllama codingllama approved these changes

@rosstimothy rosstimothy rosstimothy approved these changes

Assignees

@jentfoo jentfoo

Labels
backport/branch/v12 backport/branch/v13 backport/branch/v14 dependencies Pull requests that update a dependency file go Issues related to Go builds/tooling no-changelog Indicates that a PR does not require a changelog entry security Security Issues size/sm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@jentfoo @codingllama @rosstimothy