Skip to content

Commit 6cfae36

Browse files
patelchaitanypatelchaitany
committed
chore(deps): bump Go >= 1.24.12 to fix CVE-2025-61726
Bump the Go toolchain from 1.22.9 to 1.24.12 in the feast-operator go.mod and Dockerfile to fix CVE-2025-61726 (memory exhaustion in net/url query parameter parsing, CVSS 7.5). Signed-off-by: Chaitany patel <patelchaitany93@gmail.com> Made-with: Cursor
1 parent a623674 commit 6cfae36

File tree

2 files changed

+2
-2
lines changed

2 files changed

+2
-2
lines changed

infra/feast-operator/Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
# Build the manager binary
2-
FROM registry.access.redhat.com/ubi9/go-toolset:1.22.9 AS builder
2+
FROM registry.access.redhat.com/ubi9/go-toolset:1.24.12 AS builder
33
ARG TARGETOS
44
ARG TARGETARCH
55

infra/feast-operator/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/feast-dev/feast/infra/feast-operator
22

3-
go 1.22.9
3+
go 1.24.12
44

55
require (
66
github.com/onsi/ginkgo/v2 v2.17.2

0 commit comments

Comments
 (0)