build: fix multiple CVEs by upgrading to go1.26.4

- CVE-2026-42504: mime: quadratic complexity in WordDecoder.DecodeHeader
- CVE-2026-42507: net/textproto: arbitrary input are included in errors without any escaping
- CVE-2026-27145: crypto/x509: split candidate hostname only once
This commit is contained in:
Nick Craig-Wood
2026-06-03 12:40:28 +01:00
parent fc4349dc16
commit 2a7b0d0d3b

View File

@@ -37,7 +37,7 @@ jobs:
include:
- job_name: linux
os: ubuntu-latest
go: '~1.26.3'
go: '~1.26.4'
gotags: cmount
build_flags: '-include "^linux/"'
check: true
@@ -48,14 +48,14 @@ jobs:
- job_name: linux_386
os: ubuntu-latest
go: '~1.26.3'
go: '~1.26.4'
goarch: 386
gotags: cmount
quicktest: true
- job_name: mac_amd64
os: macos-latest
go: '~1.26.3'
go: '~1.26.4'
gotags: 'cmount'
build_flags: '-include "^darwin/amd64" -cgo'
quicktest: true
@@ -64,14 +64,14 @@ jobs:
- job_name: mac_arm64
os: macos-latest
go: '~1.26.3'
go: '~1.26.4'
gotags: 'cmount'
build_flags: '-include "^darwin/arm64" -cgo -macos-arch arm64 -cgo-cflags=-I/usr/local/include -cgo-ldflags=-L/usr/local/lib'
deploy: true
- job_name: windows
os: windows-latest
go: '~1.26.3'
go: '~1.26.4'
gotags: cmount
cgo: '0'
build_flags: '-include "^windows/"'
@@ -81,7 +81,7 @@ jobs:
- job_name: other_os
os: ubuntu-latest
go: '~1.26.3'
go: '~1.26.4'
build_flags: '-exclude "^(windows/|darwin/|linux/)"'
compile_all: true
deploy: true
@@ -278,7 +278,7 @@ jobs:
id: setup-go
uses: actions/setup-go@v6
with:
go-version: '~1.26.3'
go-version: '~1.26.4'
check-latest: true
cache: false
@@ -393,7 +393,7 @@ jobs:
id: setup-go
uses: actions/setup-go@v6
with:
go-version: '~1.26.3'
go-version: '~1.26.4'
# Caching is handled explicitly below to share the module cache
# with the other jobs - see the build job for the rationale.
cache: false