21654: Upgrades github.com/go-jose/go-jose/v3 to address CVE-2024-28180

[arvados.git] / go.mod

diff --git a/go.mod b/go.mod
index b91e56950b0c93ed2b23cc156d5dca2772297682..c3f606d65004e938387c26eafb182dcca908353b 100644 (file)
--- a/go.mod
+++ b/go.mod
@@ -37,10 +37,10 @@ require (
        github.com/prometheus/client_model v0.3.0
        github.com/prometheus/common v0.39.0
        github.com/sirupsen/logrus v1.8.1
-       golang.org/x/crypto v0.17.0
-       golang.org/x/net v0.19.0
+       golang.org/x/crypto v0.22.0
+       golang.org/x/net v0.21.0
        golang.org/x/oauth2 v0.11.0
-       golang.org/x/sys v0.15.0
+       golang.org/x/sys v0.19.0
        google.golang.org/api v0.126.0
        gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
        gopkg.in/square/go-jose.v2 v2.5.1
@@ -74,7 +74,7 @@ require (
        github.com/docker/go-units v0.4.0 // indirect
        github.com/gliderlabs/ssh v0.2.2 // indirect
        github.com/go-asn1-ber/asn1-ber v1.4.1 // indirect
-       github.com/go-jose/go-jose/v3 v3.0.1 // indirect
+       github.com/go-jose/go-jose/v3 v3.0.3 // indirect
        github.com/golang-jwt/jwt/v4 v4.1.0 // indirect
        github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
        github.com/golang/protobuf v1.5.3 // indirect