bump x/net and x/crypto deps for CVE-2024-45337 and CVE-2024-45338

Signed-off-by: Amir Alavi <amiralavi7@gmail.com>
2026-01-26 05:14:13 +01:00 · 2025-01-02 09:41:51 -05:00
parent 71726c8c85
commit ca7afd60b9
50 changed files with 1693 additions and 272 deletions
--- a/go.mod
+++ b/go.mod
@@ -95,15 +95,15 @@ require (
 	go.opentelemetry.io/proto/otlp v1.3.1 // indirect
 	go.uber.org/multierr v1.11.0 // indirect
 	go.uber.org/zap v1.27.0 // indirect
-	golang.org/x/crypto v0.28.0 // indirect
+	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/exp v0.0.0-20240719175910-8a7402abbf56 // indirect
 	golang.org/x/mod v0.21.0 // indirect
 	golang.org/x/net v0.30.0 // indirect
 	golang.org/x/oauth2 v0.23.0 // indirect
-	golang.org/x/sync v0.8.0 // indirect
-	golang.org/x/sys v0.26.0 // indirect
-	golang.org/x/term v0.25.0 // indirect
-	golang.org/x/text v0.19.0 // indirect
+	golang.org/x/sync v0.10.0 // indirect
+	golang.org/x/sys v0.28.0 // indirect
+	golang.org/x/term v0.27.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
 	golang.org/x/time v0.7.0 // indirect
 	golang.org/x/tools v0.26.0 // indirect
 	google.golang.org/genproto/googleapis/api v0.0.0-20240826202546-f6391c0de4c7 // indirect
@@ -125,3 +125,7 @@ require (
 )

 replace k8s.io/kube-openapi => k8s.io/kube-openapi v0.0.0-20240430033511-f0e62f92d13f
+
+replace golang.org/x/net => golang.org/x/net v0.33.0
+
+replace golang.org/x/crypto => golang.org/x/crypto v0.31.0