GitHub Actions 118e35f73e fix: patch golang.org/x/crypto in CrowdSec builder stage ...

Add x/crypto v0.46.0 upgrade to CrowdSec builder stage to remediate:
- GHSA-j5w8-q4qc-rx2x (SSH public key parsing DoS)
- GHSA-f6x5-jh6r-wrfv (SSH certificate parsing DoS)

The CrowdSec builder was missing the x/crypto patch that exists in
our backend go.mod, causing scanners to detect v0.42.0 vulnerabilities
in the final image.

2026-01-11 21:50:50 +00:00

18 KiB

Raw Blame History

View Raw