Skip to content

Bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1#6646

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/Azure/go-ntlmssp-0.1.1
Open

Bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1#6646
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/Azure/go-ntlmssp-0.1.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 2, 2026

Copy link
Copy Markdown
Contributor

Bumps github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1.

Release notes

Sourced from github.com/Azure/go-ntlmssp's releases.

v0.1.1

Fix CVE-2026-32952: A malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport.

Commits
  • bd8579c Merge commit from fork
  • 6611b28 Bump github/codeql-action from 4.35.1 to 4.35.2 (#99)
  • 8e3bd00 Bump github/codeql-action from 4.34.1 to 4.35.1 (#98)
  • 1cc5181 Bump actions/setup-go from 6.3.0 to 6.4.0 (#97)
  • e17bcfc Bump github/codeql-action from 4.33.0 to 4.34.1 (#96)
  • 0a22e29 Bump github/codeql-action from 4.32.6 to 4.33.0 (#95)
  • e8e0c8a Bump github/codeql-action from 4.32.5 to 4.32.6 (#94)
  • a1f2121 Bump github/codeql-action from 4.32.4 to 4.32.5 (#93)
  • 2aeecf5 Bump actions/setup-go from 6.2.0 to 6.3.0 (#92)
  • ae27c6d Bump github/codeql-action from 4.32.3 to 4.32.4 (#91)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Jul 2, 2026
@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown

Release artifacts

Built for PR head f1438f7 in workflow run #16504.

Artifact Link
All release artifacts Not available (failure)
Linux packages Not available (failure)
Windows packages Not available (failure)
macOS packages Not available (failure)
UI artifacts Not available (failure)
UI macOS artifacts Download

GHCR images (amd64)

No GHCR images were pushed.

This comment is updated by the Release workflow. Artifact links expire according to the workflow retention policy.

Bumps [github.com/Azure/go-ntlmssp](https://github.com/Azure/go-ntlmssp) from 0.1.0 to 0.1.1.
- [Release notes](https://github.com/Azure/go-ntlmssp/releases)
- [Commits](Azure/go-ntlmssp@v0.1.0...v0.1.1)

---
updated-dependencies:
- dependency-name: github.com/Azure/go-ntlmssp
  dependency-version: 0.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/Azure/go-ntlmssp-0.1.1 branch from 52c7822 to f1438f7 Compare July 6, 2026 11:49
@CLAassistant

Copy link
Copy Markdown

CLA assistant check
Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
You have signed the CLA already but the status is still pending? Let us recheck it.

@sonarqubecloud

sonarqubecloud Bot commented Jul 6, 2026

Copy link
Copy Markdown

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant