From e023fb53a537ee4726a21a01a3490527fff9b3c8 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Fri, 13 Dec 2024 20:04:39 +0000
Subject: [PATCH] fulcio/1.6.5-r0: cve remediation (#36951)

fulcio/1.6.5-r0: fix GHSA-v778-237x-gjrc

Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/fulcio.advisories.yaml

Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
 fulcio.yaml | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/fulcio.yaml b/fulcio.yaml
index f8deb2586be..a9bd745fd20 100644
--- a/fulcio.yaml
+++ b/fulcio.yaml
@@ -1,7 +1,7 @@
 package:
   name: fulcio
   version: 1.6.5
-  epoch: 0
+  epoch: 1
   description: Sigstore OIDC PKI
   copyright:
     - license: Apache-2.0
@@ -17,6 +17,11 @@ pipeline:
       repository: https://github.com/sigstore/fulcio
       tag: v${{package.version}}
 
+  - uses: go/bump
+    with:
+      deps: golang.org/x/crypto@v0.31.0
+      modroot: .
+
   - uses: go/build
     with:
       ldflags: -s -w