FIX upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337 #1768

cgoessen · 2025-02-23T16:22:54Z

Description:

Upgrade the version of x/crypto from 0.29.0 to 0.31.0 to get rid of critical vulnerabilty CVE-2024-45337.

I've run the test suite and some limited local run to check for problems, I haven't found any.
If you can think of some more tests to run to ensure compatibility, I'd be happy to run them.

I used trivy to scan for vulnerabilities before and after to confirm the CVE is gone.

Checklist:

Does your PR pass tests?
Have you written new tests for your changes?
~~Have you lint your code locally prior to submission?~~ n.a.

…s#1768) Co-authored-by: Christophe Goessen <christophe@gssn.net>

fix: upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337

2a4b3ab

zricethezav merged commit 96b92c3 into gitleaks:master Feb 24, 2025
2 checks passed

BrewTestBot mentioned this pull request Mar 22, 2025

gitleaks 8.24.2 Homebrew/homebrew-core#215752

Merged

sirakav pushed a commit to sirakav/gitleaks that referenced this pull request Apr 25, 2025

fix: upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337 (gitleak…

70f6808

…s#1768) Co-authored-by: Christophe Goessen <christophe@gssn.net>

alayne222 pushed a commit to alayne222/gitleaks that referenced this pull request May 28, 2025

fix: upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337 (gitleak…

99924cb

…s#1768) Co-authored-by: Christophe Goessen <christophe@gssn.net>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

FIX upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337 #1768

FIX upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337 #1768

Uh oh!

cgoessen commented Feb 23, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

FIX upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337 #1768

FIX upgrade x/crypto to 0.31.0 to get rid of CVE-2024-45337 #1768

Uh oh!

Conversation

cgoessen commented Feb 23, 2025

Description:

Checklist:

Uh oh!

Uh oh!

Uh oh!