diff --git a/.changelog/26451.txt b/.changelog/26451.txt new file mode 100644 index 000000000..aa7ec1773 --- /dev/null +++ b/.changelog/26451.txt @@ -0,0 +1,3 @@ +```release-note:security +build: Update Go to 1.24.3 to address CVE-2025-47906 +``` diff --git a/.go-version b/.go-version index 6521720b4..7a429d68a 100644 --- a/.go-version +++ b/.go-version @@ -1 +1 @@ -1.24.5 +1.24.6 diff --git a/contributing/README.md b/contributing/README.md index a0e7b0198..fce8bd65e 100644 --- a/contributing/README.md +++ b/contributing/README.md @@ -33,7 +33,7 @@ A development environment is supplied via Vagrant to make getting started easier Developing without Vagrant --- -1. Install [Go 1.24.5+](https://golang.org/) *(Note: `gcc-go` is not supported)* +1. Install [Go 1.24.6+](https://golang.org/) *(Note: `gcc-go` is not supported)* 1. Clone this repo ```sh $ git clone https://github.com/hashicorp/nomad.git diff --git a/go.mod b/go.mod index a1bb8c021..85c536995 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/hashicorp/nomad -go 1.24.5 +go 1.24.6 // Pinned dependencies are noted in github.com/hashicorp/nomad/issues/11826. replace ( diff --git a/scripts/linux-priv-go.sh b/scripts/linux-priv-go.sh index eedd53ea5..20dcbbeb4 100755 --- a/scripts/linux-priv-go.sh +++ b/scripts/linux-priv-go.sh @@ -21,7 +21,7 @@ case $(arch) in esac function install_go() { - local go_version="1.24.5" + local go_version="1.24.6" local download="https://storage.googleapis.com/golang/go${go_version}.linux-${ARCH}.tar.gz" if go version 2>&1 | grep -q "${go_version}"; then diff --git a/scripts/release/mac-remote-build b/scripts/release/mac-remote-build index 28782ec22..b738bf0b7 100755 --- a/scripts/release/mac-remote-build +++ b/scripts/release/mac-remote-build @@ -56,7 +56,7 @@ REPO_PATH="${TMP_WORKSPACE}/gopath/src/github.com/hashicorp/nomad" mkdir -p "${TMP_WORKSPACE}/tmp" install_go() { - local go_version="1.24.5" + local go_version="1.24.6" local download= download="https://storage.googleapis.com/golang/go${go_version}.darwin-amd64.tar.gz"