johno/beads
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: update Go toolchain to 1.24.11 to address CVEs

Browse Source 
Fixes #565. Updates toolchain from go1.24.2 to go1.24.11 to address:
- CVE-2025-22874: crypto/x509 ExtKeyUsageAny policy validation
- CVE-2025-47907: database/sql Postgres Scan race condition
- CVE-2025-58183: archive/tar unbounded allocation
- CVE-2025-58186: net/http unbounded headers
- CVE-2025-58187: crypto/x509 name constraint resource consumption
- CVE-2025-61729: crypto/x509 excessive resource consumption

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Steve Yegge
2025-12-16 00:52:54 -08:00
parent 25ea1e7de3
commit 88ccce884c
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
go.mod
View File

@@ -2,7 +2,7 @@ module github.com/steveyegge/beads
go 1.24.0
toolchain go1.24.2
toolchain go1.24.11
require (
github.com/anthropics/anthropic-sdk-go v1.19.0