Skip to content

[main] Update dependencies to fix CVEs#3796

Open
prkalle wants to merge 1 commit into
cloudfoundry:mainfrom
prkalle:fix/hydrabroker-cves
Open

[main] Update dependencies to fix CVEs#3796
prkalle wants to merge 1 commit into
cloudfoundry:mainfrom
prkalle:fix/hydrabroker-cves

Conversation

@prkalle

@prkalle prkalle commented Jun 15, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Description of the Change

Related PR on v8 branch : #3795

This PR update dependencies to fix the CVEs

Why Is This PR Valuable?

It addressed the CVE fixes

Applicable Issues

How Urgent Is The Change?

Failrly urgent- Fixes the CVEs

Other Relevant Parties

Who else is affected by the change?

@prkalle prkalle force-pushed the fix/hydrabroker-cves branch from b5acb46 to 26e5fc9 Compare June 15, 2026 19:26
@prkalle prkalle changed the title Fix CVEs in hydrabroker dependencies [main] Update dependencies to fix CVEs Jun 15, 2026
@prkalle prkalle marked this pull request as ready for review June 15, 2026 19:32
@prkalle
Update dependencies to fix CVEs
acfcbf7 
Updates vulnerable golang.org/x packages in integration/assets/hydrabroker/go.mod
to match the secure versions from the main go.mod:

- golang.org/x/crypto: v0.45.0 → v0.52.0
- golang.org/x/net: v0.47.0 → v0.55.0
- golang.org/x/sys: v0.38.0 → v0.45.0
- golang.org/x/text: v0.31.0 → v0.37.0

Signed-off-by: Prem Kumar Kalle <prem.kalle@broadcom.com>
@prkalle prkalle force-pushed the fix/hydrabroker-cves branch from 26e5fc9 to acfcbf7 Compare June 15, 2026 20:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@prkalle