Skip to content

chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.53.0 in /go#70

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go/golang.org/x/crypto-0.53.0
Open

chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.53.0 in /go#70
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/go/golang.org/x/crypto-0.53.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown

Bumps golang.org/x/crypto from 0.51.0 to 0.53.0.

Commits
  • 45460e0 go.mod: update golang.org/x dependencies
  • d37c95e pkcs12: limit PBKDF iteration count to prevent CPU exhaustion
  • e2ffffe ssh: reject incomplete gssapi-with-mic configurations
  • 60e158a ssh/test: isolate CLI tests from user SSH config and agent
  • 1b77d23 ssh/knownhosts: reject lines with multiple or unknown markers
  • 3872a2b ssh/knownhosts: verify declared key type matches decoded key
  • 9f72ecc ssh/knownhosts: treat only ASCII space and tab as whitespace
  • 8f405a4 ssh: validate ECDSA curve matches expected algorithm
  • bb41b3d ssh: improve DH GEX group selection using PreferredBits
  • e04e721 ssh/agent: validate ed25519 private key length in Add
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: dependencies, go. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from bhengubv as a code owner June 15, 2026 08:27
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.51.0 to 0.53.0.
- [Commits](golang/crypto@v0.51.0...v0.53.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.53.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title build(deps): bump golang.org/x/crypto from 0.51.0 to 0.53.0 in /go chore(deps): bump golang.org/x/crypto from 0.51.0 to 0.53.0 in /go Jun 26, 2026
@dependabot dependabot Bot force-pushed the dependabot/go_modules/go/golang.org/x/crypto-0.53.0 branch from 14b9462 to 64b4c62 Compare June 26, 2026 10:15
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants