Backport #37139 by @silverwind Update Go from 1.26.1 to 1.26.2 to fix 6 stdlib vulnerabilities: - GO-2026-4947: `crypto/x509` chain building - GO-2026-4946: `crypto/x509` policy validation - GO-2026-4870: `crypto/tls` KeyUpdate DoS - GO-2026-4869: `archive/tar` unbounded allocation - GO-2026-4866: `crypto/x509` name constraints bypass - GO-2026-4865: `html/template` XSS Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Claude (Opus 4.6) <noreply@anthropic.com>
This commit is contained in:
@@ -1,6 +1,6 @@
|
|||||||
module code.gitea.io/gitea
|
module code.gitea.io/gitea
|
||||||
|
|
||||||
go 1.26.1
|
go 1.26.2
|
||||||
|
|
||||||
// rfc5280 said: "The serial number is an integer assigned by the CA to each certificate."
|
// rfc5280 said: "The serial number is an integer assigned by the CA to each certificate."
|
||||||
// But some CAs use negative serial number, just relax the check. related:
|
// But some CAs use negative serial number, just relax the check. related:
|
||||||
|
|||||||
Reference in New Issue
Block a user