Skip to content

fix: CVE-2025-61729 & CVE-2025-61726 - upgrade go version to >1.25.5#2750

Open
infernus01 wants to merge 1 commit intotektoncd:release-v0.42.1from
infernus01:CVE-2025-61729-v0.42.1
Open

fix: CVE-2025-61729 & CVE-2025-61726 - upgrade go version to >1.25.5#2750
infernus01 wants to merge 1 commit intotektoncd:release-v0.42.1from
infernus01:CVE-2025-61729-v0.42.1

Conversation

@infernus01
Copy link
Member

@infernus01 infernus01 commented Feb 26, 2026

Changes

Scope of this fix is to address CVE-2025-61729 & CVE-2025-61726 by upgrading go version above 1.25.5.

/kind bug

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

  • Includes tests (if functionality changed/added)
  • Run the code checkers with make check
  • Regenerate the manpages, docs and go formatting with make generated
  • Commit messages follow commit message best practices

See the contribution guide
for more details.

Release Notes

@tekton-robot tekton-robot added kind/bug Categorizes issue or PR as related to a bug. release-note Denotes a PR that will be considered when it comes time to generate release notes. labels Feb 26, 2026
@tekton-robot tekton-robot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Feb 26, 2026
@infernus01 infernus01 mentioned this pull request Feb 26, 2026
Closed
4 tasks
@infernus01 infernus01 force-pushed the CVE-2025-61729-v0.42.1 branch from 35e7ba3 to 50140fe Compare February 26, 2026 08:42
@tekton-robot tekton-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Feb 26, 2026
aThorp96
aThorp96 reviewed Mar 4, 2026
View reviewed changes
@infernus01 infernus01 force-pushed the CVE-2025-61729-v0.42.1 branch 2 times, most recently from 4e19b10 to b7c1097 Compare March 5, 2026 07:18
@tekton-robot tekton-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Mar 5, 2026
@infernus01 infernus01 force-pushed the CVE-2025-61729-v0.42.1 branch from b7c1097 to b514114 Compare March 5, 2026 07:19
@pratap0007
Copy link
Contributor

pratap0007 commented Mar 5, 2026

/ok-to-test

@pratap0007
Copy link
Contributor

pratap0007 commented Mar 5, 2026

/retest

@infernus01 infernus01 force-pushed the CVE-2025-61729-v0.42.1 branch from b514114 to 8d3d44c Compare March 5, 2026 08:10
@infernus01
fix: CVE-2025-61729 & CVE-2025-61726 - upgrade go version to >1.25.5
8eea2e3 
Signed-off-by: Shubham Bhardwaj <shubbhar@redhat.com>
@infernus01 infernus01 force-pushed the CVE-2025-61729-v0.42.1 branch from 8d3d44c to 8eea2e3 Compare March 5, 2026 08:19
@tekton-robot tekton-robot added size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed size/S Denotes a PR that changes 10-29 lines, ignoring generated files. labels Mar 5, 2026
@infernus01
Copy link
Member Author

infernus01 commented Mar 5, 2026

/retest

2 similar comments
@pratap0007
Copy link
Contributor

pratap0007 commented Mar 5, 2026

/retest

@pratap0007
Copy link
Contributor

pratap0007 commented Mar 5, 2026

/retest

@pratap0007
Copy link
Contributor

pratap0007 commented Mar 5, 2026

/lgtm
/approve

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Mar 5, 2026
@tekton-robot
Copy link
Contributor

tekton-robot commented Mar 5, 2026

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: pratap0007
To complete the pull request process, please assign piyush-garg after the PR has been reviewed.
You can assign the PR to them by writing /assign @piyush-garg in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@divyansh42 divyansh42 Awaiting requested review from divyansh42

@pratap0007 pratap0007 Awaiting requested review from pratap0007

1 more reviewer

@aThorp96 aThorp96 aThorp96 left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@pratap0007 pratap0007

Labels

kind/bug Categorizes issue or PR as related to a bug. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@infernus01 @pratap0007 @tekton-robot @aThorp96