Skip to content

fixing go binary and container cve's #23138

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
bharath-k1999 merged 3 commits into from
Jan 9, 2026
Merged

fixing go binary and container cve's #23138

bharath-k1999 merged 3 commits into from
Jan 9, 2026

Conversation

@bharath-k1999
Copy link
Contributor

@bharath-k1999 bharath-k1999 commented Jan 8, 2026
edited
Loading

Description

Fixed the following CVEs
Container:
CVE-2025-47268
CVE-2025-48964
CVE-2025-10966

Binaray:
CVE-2025-58181
CVE-2025-47914

Testing & Reproduction steps

Links

PR Checklist

  • updated test coverage
  • external facing docs updated
  • appropriate backport labels added
  • not a security concern

PCI review checklist

  • I have documented a clear reason for, and description of, the change I am making.

  • If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.

  • If applicable, I've documented the impact of any changes to security controls.

    Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.

@bharath-k1999 bharath-k1999 requested review from a team as code owners January 8, 2026 12:30
@github-actions github-actions bot added the pr/dependencies PR specifically updates dependencies of project label Jan 8, 2026
@bharath-k1999 bharath-k1999 added backport/ent/1.18 Changes are backported to 1.18 ent backport/ent/1.21 changes are backported to 1.21 ent backport/ent/1.22 Changes are backported to 1.22 ent labels Jan 8, 2026
@bharath-k1999
add change log
d52838f
@bharath-k1999
Update Go base image to alpine3.23.2
2f9b437 
Updated the Consul Build Go base image to alpine3.23.2, resolving multiple CVEs.
@bharath-k1999 bharath-k1999 merged commit 505eb52 into main Jan 9, 2026
102 of 104 checks passed
@hc-github-team-consul-core
Copy link
Collaborator

hc-github-team-consul-core commented Jan 10, 2026

📣 Hi @bharath-k1999! a backport is missing for this PR [23138] for versions [1.18,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

1 similar comment
@hc-github-team-consul-core
Copy link
Collaborator

hc-github-team-consul-core commented Jan 11, 2026

📣 Hi @bharath-k1999! a backport is missing for this PR [23138] for versions [1.18,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

@bharath-k1999 bharath-k1999 added the backport/1.22 Changes are backported to 1.22 label Jan 12, 2026
@hc-github-team-consul-core hc-github-team-consul-core mentioned this pull request Jan 12, 2026
Merged
7 tasks
@hc-github-team-consul-core
Copy link
Collaborator

hc-github-team-consul-core commented Jan 12, 2026

📣 Hi @bharath-k1999! a backport is missing for this PR [23138] for versions [1.18,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

1 similar comment
@hc-github-team-consul-core
Copy link
Collaborator

hc-github-team-consul-core commented Jan 13, 2026

📣 Hi @bharath-k1999! a backport is missing for this PR [23138] for versions [1.18,1.21] please perform the backport manually and add the following snippet to your backport PR description:

<details>
	<summary> Overview of commits </summary>
		- <<backport commit 1>>
		- <<backport commit 2>>
		...
</details>

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@santoshpulluri santoshpulluri santoshpulluri approved these changes

Assignees

No one assigned

Labels

backport/ent/1.18 Changes are backported to 1.18 ent backport/ent/1.21 changes are backported to 1.21 ent backport/ent/1.22 Changes are backported to 1.22 ent backport/1.22 Changes are backported to 1.22 pr/dependencies PR specifically updates dependencies of project

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@bharath-k1999 @hc-github-team-consul-core @santoshpulluri