Does v1.26.5 have fix for CVE-2023-24538?

[bbeggs-ibm]

would go upgrade to 1.19 by @jcho02 in #1029 in https://github.com/operator-framework/operator-registry/releases/tag/v1.26.3 fix CVE-2023-24538 which requires go upgrade to 1.19.8 minimum.

We upgraded to https://github.com/operator-framework/operator-registry/releases/tag/v1.26.5, but the build failed due to this issue #1086. All we have is a power 8 machine. Though we are working on getting a later machine.

[grokspawn]

I can't speak to that version because all the logs have been garbage collected for those runs and our goreleaser config just asks for 1.19, but recent goreleaser runs are using 1.19.9 so when we cut the next release this will be resolved.

[grokspawn]

Verified that v1.28.0 is using 1.19.9