Closed
Description
What would you like to be added?
Golang 1.24.3 and 1.23.9 were released today. According to our Dependency management documentation, we want to stay on the latest patch version. This means updating the release-3.4, release-3.5, and release-3.6 branches to 1.23.9 and main to 1.24.3.
This patch includes the security fix for CVE-2025-22873.
Progress track:
- etcd
-
main: go v1.24.3 - [main] Bump Go to 1.24.3 #19908 -
release-3.6: go v1.23.9 - [release-3.6] Bump Go to 1.23.9 #19867 -
release-3.5: go v1.23.9 - [release-3.5] Bump Go to 1.23.9 #19870 -
release-3.4: go v1.23.9 - [release-3.4] Bump Go to 1.23.9 #19872 -
CHANGELOG- release-3.6: CHANGELOG(3.6): add Go 1.23.9 entry #19869
- release-3.5: CHANGELOG(3.5): add Go 1.23.9 entry #19909
- release-3.4: CHANGELOG(3.4): add Go 1.23.9 entry #19910
-
- bbolt
-
main: go v1.24.3 - Bump Go to 1.24.3 bbolt#955 -
release-1.3: v1.23.9 - [release-1.3] Bump Go to 1.23.9 bbolt#956 -
release-1.4: v1.23.9 - [release-1.4] Bump Go to 1.23.9 bbolt#957
-
- raft
-
main: go v1.24.3 - [release-3.6] Bump Go to 1.23.9 raft#296 -
release-3.6: go v1.23.9 - [release-3.6] Bump Go to 1.23.9 raft#296
-
-
etcd-io/gofailmain: go v1.23.9 - Bump Go to 1.23.9 gofail#114 -
etcd-io/augermain: go v1.24.3 - Bump Go to 1.24.3 auger#277 -
etcd-io/etcd-operator: go v1.24.3 - Bump Go to 1.24.3 etcd-operator#138 -
etcd-io/protodoc: go v1.23.9 - Bump Go to 1.23.9 protodoc#19
Please look at the previous issues and their pull requests, e.g., #19713 and #19524.
Why is this needed?
To keep the project up to date with the latest Go versions. And to address CVE-2025-22873.