From 629ec5f10a0898292bce095c2df61ceb9b88526a Mon Sep 17 00:00:00 2001
From: Philipp Belitz <philipp.belitz@securesystems.de>
Date: Thu, 19 Dec 2024 11:09:46 +0100
Subject: [PATCH] update: fix golang.org/x/net vuln

Non-linear parsing of case-insensitive content in golang.org/x/net/html https://avd.aquasec.com/nvd/cve-2024-45338
---
 charts/connaisseur/Chart.yaml | 4 ++--
 go.mod                        | 2 +-
 go.sum                        | 4 ++--
 3 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/charts/connaisseur/Chart.yaml b/charts/connaisseur/Chart.yaml
index 49adcf196..25d787509 100644
--- a/charts/connaisseur/Chart.yaml
+++ b/charts/connaisseur/Chart.yaml
@@ -2,8 +2,8 @@ apiVersion: v2
 name: connaisseur
 description: Helm chart for Connaisseur - a Kubernetes admission controller to integrate container image signature verification and trust pinning into a cluster.
 type: application
-version: 2.8.0
-appVersion: 3.8.0
+version: 2.8.1
+appVersion: 3.8.1
 keywords:
   - container image
   - signature
diff --git a/go.mod b/go.mod
index 5583b4e85..8bc838ef4 100644
--- a/go.mod
+++ b/go.mod
@@ -241,7 +241,7 @@ require (
 	golang.org/x/crypto v0.31.0 // indirect
 	golang.org/x/exp v0.0.0-20240613232115-7f521ea00fb8 // indirect
 	golang.org/x/mod v0.22.0 // indirect
-	golang.org/x/net v0.31.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
 	golang.org/x/oauth2 v0.24.0 // indirect
 	golang.org/x/sync v0.10.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
diff --git a/go.sum b/go.sum
index de428de4b..29cd6e397 100644
--- a/go.sum
+++ b/go.sum
@@ -860,8 +860,8 @@ golang.org/x/net v0.8.0/go.mod h1:QVkue5JL9kW//ek3r6jTKnTFis1tRmNAW2P1shuFdJc=
 golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg=
 golang.org/x/net v0.11.0/go.mod h1:2L/ixqYpgIVXmeoSA/4Lu7BzTG4KIyPIryS4IsOd1oQ=
 golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE=
-golang.org/x/net v0.31.0 h1:68CPQngjLL0r2AlUKiSxtQFKvzRVbnzLwMUn5SzcLHo=
-golang.org/x/net v0.31.0/go.mod h1:P4fl1q7dY2hnZFxEk4pPSkDHF+QqjitcnDjUQyMM+pM=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
 golang.org/x/oauth2 v0.24.0 h1:KTBBxWqUa0ykRPLtV69rRto9TLXcqYkeswu48x/gvNE=
 golang.org/x/oauth2 v0.24.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=