Skip to content

Commit 1d44462

Browse files
simonfaltumclaude
simonfaltum
and
claude
authored
Bump cloudflare/circl from v1.6.1 to v1.6.3 (#4671)
## Why A customer reported that their Artifactory vulnerability scanner is blocking the CLI due to CVE-2026-1229 in `cloudflare/circl` < v1.6.3. The vulnerability is an incorrect calculation in the CIRCL secp384r1 CombinedMult function (CVSS 2.9/LOW). ECDH and ECDSA signing are not affected. ## Changes Bumps the indirect dependency `cloudflare/circl` from v1.6.1 to v1.6.3 in go.mod/go.sum. The dependency is pulled in transitively via `go-crypto`, `hc-install`, and `terraform-exec`. ## Test plan - [x] `make checks` passes - [x] CI passes Co-authored-by: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
1 parent 74899eb commit 1d44462

2 files changed

Lines changed: 3 additions & 3 deletions

File tree

go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,7 +70,7 @@ require (
7070
github.com/clipperhouse/displaywidth v0.9.0 // indirect
7171
github.com/clipperhouse/stringish v0.1.1 // indirect
7272
github.com/clipperhouse/uax29/v2 v2.5.0 // indirect
73-
github.com/cloudflare/circl v1.6.1 // indirect
73+
github.com/cloudflare/circl v1.6.3 // indirect
7474
github.com/davecgh/go-spew v1.1.1 // indirect
7575
github.com/dustin/go-humanize v1.0.1 // indirect
7676
github.com/erikgeiser/coninput v0.0.0-20211004153227-1c3628e74d0f // indirect

go.sum

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -68,8 +68,8 @@ github.com/clipperhouse/stringish v0.1.1 h1:+NSqMOr3GR6k1FdRhhnXrLfztGzuG+VuFDfa
6868
github.com/clipperhouse/stringish v0.1.1/go.mod h1:v/WhFtE1q0ovMta2+m+UbpZ+2/HEXNWYXQgCt4hdOzA=
6969
github.com/clipperhouse/uax29/v2 v2.5.0 h1:x7T0T4eTHDONxFJsL94uKNKPHrclyFI0lm7+w94cO8U=
7070
github.com/clipperhouse/uax29/v2 v2.5.0/go.mod h1:Wn1g7MK6OoeDT0vL+Q0SQLDz/KpfsVRgg6W7ihQeh4g=
71-
github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
72-
github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
71+
github.com/cloudflare/circl v1.6.3 h1:9GPOhQGF9MCYUeXyMYlqTR6a5gTrgR/fBLXvUgtVcg8=
72+
github.com/cloudflare/circl v1.6.3/go.mod h1:2eXP6Qfat4O/Yhh8BznvKnJ+uzEoTQ6jVKJRn81BiS4=
7373
github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g=
7474
github.com/creack/pty v1.1.24 h1:bJrF4RRfyJnbTJqzRLHzcGaZK1NeM5kTC9jGgovnR1s=
7575
github.com/creack/pty v1.1.24/go.mod h1:08sCNb52WyoAwi2QDyzUCTgcvVFhUzewun7wtTfvcwE=

0 commit comments

Comments
 (0)