diff --git a/Dockerfile.goreleaser b/Dockerfile.goreleaser index 9d570194b..a76c4e522 100644 --- a/Dockerfile.goreleaser +++ b/Dockerfile.goreleaser @@ -1,4 +1,4 @@ -FROM golang:1.26.2-alpine AS build +FROM golang:1.26.4-alpine AS build ARG TARGETARCH diff --git a/Dockerfile.hotfix b/Dockerfile.hotfix index 2049f1dec..4b10897f8 100644 --- a/Dockerfile.hotfix +++ b/Dockerfile.hotfix @@ -1,4 +1,4 @@ -FROM golang:1.26.2-alpine as build +FROM golang:1.26.4-alpine as build ARG TARGETARCH ARG RELEASE diff --git a/Dockerfile.release b/Dockerfile.release index da56b0135..ed2168e0f 100644 --- a/Dockerfile.release +++ b/Dockerfile.release @@ -1,4 +1,4 @@ -FROM golang:1.26.2-alpine AS build +FROM golang:1.26.4-alpine AS build ARG TARGETARCH ARG RELEASE diff --git a/Dockerfile.release.old_cpu b/Dockerfile.release.old_cpu index 81b77ccef..1fad8487f 100644 --- a/Dockerfile.release.old_cpu +++ b/Dockerfile.release.old_cpu @@ -1,4 +1,4 @@ -FROM golang:1.26.2-alpine AS build +FROM golang:1.26.4-alpine AS build ARG TARGETARCH ARG RELEASE diff --git a/docs/security/advisories.md b/docs/security/advisories.md index d6884e373..1af6676d1 100644 --- a/docs/security/advisories.md +++ b/docs/security/advisories.md @@ -19,7 +19,7 @@ This document summarizes fork-specific security fixes and closely related upgrad | :-- | :-- | :-- | | `CVE-2026-34986` | `68e0ba997` | Upgrades `go-jose` to `v4.1.4`. | | `CVE-2026-39883` | `1869bd30b`, `e4fa06394` | Updates OpenTelemetry dependencies. | -| Upstream Go security fixes | `db4c0fd5e` | Bumps the Go toolchain to `1.26.2`. | +| Upstream Go security fixes | `db4c0fd5e`, Go 1.26.4 update | Bumps the Go toolchain through `1.26.4`. | ## Operationally significant security-related fixes diff --git a/go.mod b/go.mod index c2993b64f..a8f09db9b 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/minio/minio -go 1.26.2 +go 1.26.4 // Use Georg Mangold's maintained Console fork while keeping upstream import paths. replace github.com/minio/console => github.com/georgmangold/console v1.9.1