DFBUGS-6254: [release-4.16] Update go-jose to v3.0.5 for CVE-2026-34986#3984
DFBUGS-6254: [release-4.16] Update go-jose to v3.0.5 for CVE-2026-34986#3984malayparida2000 wants to merge 1 commit into
Conversation
Signed-off-by: Malay Kumar Parida <mparida@redhat.com> Co-authored-by: Cursor <cursoragent@cursor.com>
|
@malayparida2000: This pull request references [Jira Issue DFBUGS-6254](https://redhat.atlassian.net/browse/DFBUGS-6254), which is invalid:
Comment DetailsIn response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the openshift-eng/jira-lifecycle-plugin repository. |
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: malayparida2000 The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
@malayparida2000: The following test failed, say
Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
This PR also fixes https://redhat.atlassian.net/browse/DFBUGS-6253 |
Fixes CVE-2026-34986 (GHSA-78h2-9frx-2jm8).
Updates github.com/go-jose/go-jose/v3 to v3.0.5 across all affected modules.
Vendor trees refreshed via make deps-update.
Ref-
https://redhat.atlassian.net/browse/DFBUGS-6254
Made with Cursor