Merge pull request #14677 from wolfi-dev/cve-bank-vaults-4c9e49e57474…

…a91088e20755cfc60895 bank-vaults/1.20.4-r7: cve remediation
wolfi-dev · Mar 11, 2024 · 9111cc4 · 9111cc4
2 parents b1ebe50 + bbd61e6
commit 9111cc4
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/bank-vaults.yaml b/bank-vaults.yaml
@@ -1,7 +1,7 @@
 package:
   name: bank-vaults
   version: 1.20.4
-  epoch: 8
+  epoch: 9
   description: A Vault swiss-army knife. A CLI tool to init, unseal and configure Vault (auth methods, secret engines).
   copyright:
     - license: Apache-2.0
@@ -24,7 +24,7 @@ pipeline:
   - uses: go/bump
     with:
       # CVE-2023-39325 and CVE-2023-3978
-      deps: golang.org/x/net@v0.17.0 google.golang.org/grpc@v1.56.3 golang.org/x/crypto@v0.17.0
+      deps: golang.org/x/net@v0.17.0 google.golang.org/grpc@v1.56.3 golang.org/x/crypto@v0.17.0 github.com/go-jose/go-jose/v3@v3.0.3
       replaces: github.com/go-jose/go-jose/v3=github.com/go-jose/go-jose/v3@v3.0.3
 
   - uses: go/build