request #47650 golang.org/x/crypto 0.50.0 -> 0.52.0

Infos

Artifact ID#47650

Submitted byClarck Robinson (robinsoc)

Last Modified On2026-05-22 14:51

Submitted on2026-05-22 13:17

Rank49391

Details

Summary *

golang.org/x/crypto 0.50.0 -> 0.52.0

Original Submission

Fixes CVE-2026-39829 and CVE-2026-39831. Tuleap is not impacted by these issues because none of the Go code implements an SSH server.

https://go.googlesource.com/crypto/+/refs/tags/v0.52.0

See advisories: https://pkg.go.dev/vuln/GO-2026-5018 and https://pkg.go.dev/vuln/GO-2026-5019

CategoryDependencies

Reported in versionEmpty

PlatformEmpty

Is an Enhancement or an internal improvement?

[ ] enhancement
[ ] internal improvement

CC listEmpty

Stage

Assigned toEmpty

StatusClosed

Close date2026-05-22

Attachments

AttachmentsEmpty

References

Cross references

Show items referenced by request #47650

Referenced by request #47650

Artifact

rel #47138 17.6

Other

gerrit #37805

Follow-ups

Joris MASSON (jmasson)

2026-05-22 14:51

Connected artifacts
- Added Fixed in: rel #47138

Tracker Workflow Manager (forge__tracker_workflow_manager)

2026-05-22 14:51

Closed by @robinsoc with git #tuleap/tuleap/f790fd2760850ff31d62a6ce664bc81b8fa5dd70.

Status changed from Under review to Closed
Close date set to 2026-05-22

Joris MASSON (jmasson)

2026-05-22 14:50

Category set to Dependencies

Joris MASSON (jmasson)

2026-05-22 14:50

Original Submission

Something went wrong, the follow up content couldn't be loaded

Only formatting have been changed, you should switch to markup to see the changes
Status changed from New to Under review

Clarck Robinson (robinsoc)

2026-05-22 13:21

gerrit #37805

Public

Referenced by request #47650

Artifact

Other

Follow-ups