chore: update nats-server go module #990

alexbozhenko · 2025-04-09T22:32:23Z

NATS Server releases v2.11.1 and v2.10.27 include a fix
for a security vulnerability (CVE):
https://advisories.nats.io/CVE/secnote-2025-01.txt

This PR updates to a patched version that is not vulnerable.

If applicable to this repo, we should also cut a release after merging.

  go get github.com/nats-io/nats-server/v2@patch
  go get toolchain@none
  go mod tidy

NATS Server releases v2.11.1 and v2.10.27 include a fix for a security vulnerability (CVE): https://advisories.nats.io/CVE/secnote-2025-01.txt This PR updates to a patched version that is not vulnerable. If applicable to this repo, we should also cut a release after merging. This is a batch change created with https://github.com/lindell/multi-gitter ``` go get github.com/nats-io/nats-server/v2@patch go get toolchain@none go mod tidy ``` All PRs in this batch: https://github.com/search?q=label%3Aabozhenko_multigitter_bump_nats_server_cve_2025_04+state%3Aopen&type=pullrequests

philpennock · 2025-04-10T06:33:11Z

Closing this in favor of #989 which has the same tree and a better set of reviewers (but a different origin repo)

alexbozhenko requested a review from philpennock April 9, 2025 22:32

alexbozhenko added the abozhenko_multigitter_bump_nats_server_cve_2025_04 label Apr 9, 2025

alexbozhenko changed the title ~~chore: update nats-server go moudle~~ chore: update nats-server go module Apr 9, 2025

philpennock closed this Apr 10, 2025

philpennock deleted the bump_nats_cve_2025_04 branch April 10, 2025 06:48

Provide feedback