Update vendored golang.org/x/crypto to v0.43.0 to fix

CVE-2025-47913 (bsc#1253608, GO-2025-4116): SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
2025-11-29 22:55:41 +01:00
4 changed files with 15 additions and 4 deletions
--- a/2
+++ b/2
@@ -16,5 +16,7 @@
    <param name="compression">xz</param>
  </service>
  <service name="go_modules" mode="manual">
+    <!-- Fix CVE-2025-47913 (GO-2025-4116, bsc#1253608) -->
+    <param name="replace">golang.org/x/crypto=golang.org/x/crypto@v0.43.0</param>
  </service>
 </services>
--- a/act-0.2.64.tar.xz
+++ b/act-0.2.64.tar.xz
--- a/act.changes
+++ b/act.changes
@@ -1,3 +1,12 @@
+-------------------------------------------------------------------
+Sat Nov 29 21:42:23 UTC 2025 - Matthias Eliasson <elimat@opensuse.org>
+
+- Update vendored golang.org/x/crypto to v0.43.0 to fix
+  CVE-2025-47913 (bsc#1253608, GO-2025-4116):
+  SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed
+  response will panic and cause early termination of the client
+  process.
+
 -------------------------------------------------------------------
 Tue Jul 02 11:23:19 UTC 2024 - kskarthik@disroot.org

--- a/vendor.tar.gz
+++ b/vendor.tar.gz