build: fix multiple CVEs by upgrading to go1.26.3

- CVE-2026-42501: cmd/go: malicious module proxy can bypass checksum database - CVE-2026-39825: net/http/httputil: ReverseProxy forwards queries with more than urlmaxqueryparams parameters - CVE-2026-39836: net: panic in Dial and LookupPort when handling NUL byte on Windows - CVE-2026-42499: net/mail: quadratic string concatenation in consumePhrase - CVE-2026-39820: net/mail: quadratic string concatentation in consumeComment - CVE-2026-39819: cmd/go: "go bug" follows symlinks in predictable temporary filenames - CVE-2026-39817: cmd/go: "go tool pack" does not sanitize output paths - CVE-2026-33814: net/http: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE - CVE-2026-39826: html/template: escaper bypass leads to XSS - CVE-2026-33811: net: crash when handling long CNAME response - CVE-2026-39823: html/template: bypass of meta content URL escaping causes XSS
2026-05-13 02:44:21 -04:00 · 2026-05-08 10:47:04 +01:00
parent acb6155654
commit 869f777594
1 changed files with 8 additions and 8 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -37,7 +37,7 @@ jobs:
        include:
          - job_name: linux
            os: ubuntu-latest
-            go: '~1.26.0'
+            go: '~1.26.3'
            gotags: cmount
            build_flags: '-include "^linux/"'
            check: true
@@ -48,14 +48,14 @@ jobs:

          - job_name: linux_386
            os: ubuntu-latest
-            go: '~1.26.0'
+            go: '~1.26.3'
            goarch: 386
            gotags: cmount
            quicktest: true

          - job_name: mac_amd64
            os: macos-latest
-            go: '~1.26.0'
+            go: '~1.26.3'
            gotags: 'cmount'
            build_flags: '-include "^darwin/amd64" -cgo'
            quicktest: true
@@ -64,14 +64,14 @@ jobs:

          - job_name: mac_arm64
            os: macos-latest
-            go: '~1.26.0'
+            go: '~1.26.3'
            gotags: 'cmount'
            build_flags: '-include "^darwin/arm64" -cgo -macos-arch arm64 -cgo-cflags=-I/usr/local/include -cgo-ldflags=-L/usr/local/lib'
            deploy: true

          - job_name: windows
            os: windows-latest
-            go: '~1.26.0'
+            go: '~1.26.3'
            gotags: cmount
            cgo: '0'
            build_flags: '-include "^windows/"'
@@ -81,7 +81,7 @@ jobs:

          - job_name: other_os
            os: ubuntu-latest
-            go: '~1.26.0'
+            go: '~1.26.3'
            build_flags: '-exclude "^(windows/|darwin/|linux/)"'
            compile_all: true
            deploy: true
@@ -227,7 +227,7 @@ jobs:
        id: setup-go
        uses: actions/setup-go@v6
        with:
-          go-version: '~1.26.0'
+          go-version: '~1.26.3'
          check-latest: true
          cache: false
          
@@ -318,7 +318,7 @@ jobs:
      - name: Set up Go
        uses: actions/setup-go@v6
        with:
-          go-version: '~1.26.0'
+          go-version: '~1.26.3'

      - name: Set global environment variables
        run: |