Skip to content

Update golang/x/crypto to 0.17.0#35858

Merged
jentfoo merged 1 commit intomasterfrom
jent/golang_crypto_update
Dec 18, 2023
Merged

Update golang/x/crypto to 0.17.0#35858
jentfoo merged 1 commit intomasterfrom
jent/golang_crypto_update

Conversation

@jentfoo
Copy link
Copy Markdown
Contributor

@jentfoo jentfoo commented Dec 18, 2023

This updates crypto across all go.mod files in teleport to address CVE-2023-48795.

@jentfoo jentfoo added security Security Issues go Issues related to Go builds/tooling dependencies Pull requests that update a dependency file no-changelog Indicates that a PR does not require a changelog entry labels Dec 18, 2023
@jentfoo jentfoo self-assigned this Dec 18, 2023
@github-actions github-actions Bot requested a review from jimbishopp December 18, 2023 19:28
@codingllama
Copy link
Copy Markdown
Contributor

codingllama commented Dec 18, 2023

I've just landed #35844, but I didn't touch the indirects.

@jentfoo
Copy link
Copy Markdown
Contributor Author

jentfoo commented Dec 18, 2023

Thanks for getting on that @codingllama. We should still land this one in addition to get indirect updates.

@jentfoo
Update golang/x/crypto to 0.17.0
89d38ff 
This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.
@codingllama
Copy link
Copy Markdown
Contributor

codingllama commented Dec 18, 2023

That's fine. Please rebase so we don't see duplicate changes.

@jentfoo jentfoo force-pushed the jent/golang_crypto_update branch from 31a8d32 to 89d38ff Compare December 18, 2023 19:38
@jentfoo jentfoo requested a review from tigrato December 18, 2023 19:40
codingllama
codingllama approved these changes Dec 18, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@codingllama codingllama left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks!

@codingllama
Copy link
Copy Markdown
Contributor

codingllama commented Dec 18, 2023
edited
Loading

I recommend doing the backports manually, with the same go get / go mod tidy combo you ran to create this one. The bot backport will likely just cause problems for you.

@jentfoo
Copy link
Copy Markdown
Contributor Author

jentfoo commented Dec 18, 2023

I plan to do the backport manually, I just like to always include the labels to show my intention

@jentfoo jentfoo added this pull request to the merge queue Dec 18, 2023
Merged via the queue into master with commit 06f5501 Dec 18, 2023
@jentfoo jentfoo deleted the jent/golang_crypto_update branch December 18, 2023 20:26
@public-teleport-github-review-bot
Copy link
Copy Markdown

public-teleport-github-review-bot Bot commented Dec 18, 2023

@jentfoo See the table below for backport results.

Branch Result
branch/v12 Failed
branch/v13 Failed
branch/v14 Failed

jentfoo added a commit that referenced this pull request Dec 19, 2023
@jentfoo
Update golang/x/crypto to 0.17.0 (#35858)
9eb77d0 
This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.
jentfoo added a commit that referenced this pull request Dec 19, 2023
@jentfoo
Update golang/x/crypto to 0.17.0 (#35858)
bb50607 
This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.
jentfoo added a commit that referenced this pull request Dec 19, 2023
@jentfoo
Update golang/x/crypto to 0.17.0 (#35858)
0163d4d 
This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.
This was referenced Dec 19, 2023
Merged
Merged
Merged
github-merge-queue Bot pushed a commit that referenced this pull request Dec 19, 2023
@jentfoo @codingllama
[v13] Bump golang.org/x/crypto to v0.17.0 (#35878)
c248fee 
* chore: Bump golang.org/x/crypto to v0.17.0 (#35844)

* chore: Bump golang.org/x/crypto to v0.17.0

Update to latest release / security patch.

* https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg/m/ZOwFpYq3AAAJ

* Bump api/go.mod

* Update golang/x/crypto to 0.17.0 (#35858)

This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.

---------

Co-authored-by: Alan Parra <alan.parra@goteleport.com>
github-merge-queue Bot pushed a commit that referenced this pull request Dec 19, 2023
@jentfoo @codingllama
[v12] Bump golang.org/x/crypto to v0.17.0 (#35877)
e83650e 
* chore: Bump golang.org/x/crypto to v0.17.0 (#35844)

* chore: Bump golang.org/x/crypto to v0.17.0

Update to latest release / security patch.

* https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg/m/ZOwFpYq3AAAJ

* Bump api/go.mod

* Update golang/x/crypto to 0.17.0 (#35858)

This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.

---------

Co-authored-by: Alan Parra <alan.parra@goteleport.com>
github-merge-queue Bot pushed a commit that referenced this pull request Dec 19, 2023
@jentfoo @codingllama
[v14] Bump golang.org/x/crypto to v0.17.0 (#35879)
c2b8825 
* chore: Bump golang.org/x/crypto to v0.17.0 (#35844)

* chore: Bump golang.org/x/crypto to v0.17.0

Update to latest release / security patch.

* https://groups.google.com/g/golang-announce/c/qA3XtxvMUyg/m/ZOwFpYq3AAAJ

* Bump api/go.mod

* Update golang/x/crypto to 0.17.0 (#35858)

This updates crypto across all go.mod files in `teleport` to address CVE-2023-48795.

---------

Co-authored-by: Alan Parra <alan.parra@goteleport.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@codingllama codingllama codingllama approved these changes

@rosstimothy rosstimothy rosstimothy approved these changes

Assignees

@jentfoo jentfoo

Labels

dependencies Pull requests that update a dependency file go Issues related to Go builds/tooling no-changelog Indicates that a PR does not require a changelog entry security Security Issues size/sm

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jentfoo @codingllama @rosstimothy