Skip to content

Fix for CVEs 2026-{42507,27145 and 42504}#30

Merged
tobert merged 16 commits into
tobert:mainfrom
n4zukker:main
Jun 30, 2026
Merged

Fix for CVEs 2026-{42507,27145 and 42504}#30
tobert merged 16 commits into
tobert:mainfrom
n4zukker:main

Conversation

@n4zukker

@n4zukker n4zukker commented Jun 3, 2026

Copy link
Copy Markdown
Contributor

Updating for go 1.26 and otel cli libraries.

The intent of this PR is to apply fixes for

@n4zukker

n4zukker commented Jun 3, 2026

Copy link
Copy Markdown
Contributor Author

Sorry for the messy history. I'm not good with forks.

@n4zukker

n4zukker commented Jun 4, 2026

Copy link
Copy Markdown
Contributor Author

Other CVEs fixed:

Severity CVE Component Fixed version(s)
Critical CVE-2026-39821 go://golang.org/x/net:0.48.0 [0.55.0]
High CVE-2026-33814 go://golang.org/x/net:0.48.0 [0.53.0]
Medium CVE-2026-25680 go://golang.org/x/net:0.48.0 [0.55.0]
Medium CVE-2026-25681 go://golang.org/x/net:0.48.0 [0.55.0]
Medium CVE-2026-27136 go://golang.org/x/net:0.48.0 [0.55.0]
Medium CVE-2026-42502 go://golang.org/x/net:0.48.0 [0.55.0]
Medium CVE-2026-42506 go://golang.org/x/net:0.48.0 [0.55.0]
Low CVE-2026-39824 go://golang.org/x/sys:0.42.0 [0.44.0]

@tobert

tobert commented Jun 30, 2026

Copy link
Copy Markdown
Owner

Oh hey, apologies for missing this. Taking a look now.

@tobert tobert merged commit ee815d2 into tobert:main Jun 30, 2026
1 check passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants