Skip to content

Bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1#18

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/Azure/go-ntlmssp-0.1.1
Open

Bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1#18
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/go_modules/github.com/Azure/go-ntlmssp-0.1.1

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 23, 2026
edited
Loading

Bumps github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1.

Release notes

Sourced from github.com/Azure/go-ntlmssp's releases.

v0.1.1

Fix CVE-2026-32952: A malicious NTLM challenge message can causes an slice out of bounds panic, which can crash any Go process using ntlmssp.Negotiator as an HTTP transport.

Commits
  • bd8579c Merge commit from fork
  • 6611b28 Bump github/codeql-action from 4.35.1 to 4.35.2 (#99)
  • 8e3bd00 Bump github/codeql-action from 4.34.1 to 4.35.1 (#98)
  • 1cc5181 Bump actions/setup-go from 6.3.0 to 6.4.0 (#97)
  • e17bcfc Bump github/codeql-action from 4.33.0 to 4.34.1 (#96)
  • 0a22e29 Bump github/codeql-action from 4.32.6 to 4.33.0 (#95)
  • e8e0c8a Bump github/codeql-action from 4.32.5 to 4.32.6 (#94)
  • a1f2121 Bump github/codeql-action from 4.32.4 to 4.32.5 (#93)
  • 2aeecf5 Bump actions/setup-go from 6.2.0 to 6.3.0 (#92)
  • ae27c6d Bump github/codeql-action from 4.32.3 to 4.32.4 (#91)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file go Pull requests that update go code labels Apr 23, 2026
@dependabot
Bump github.com/Azure/go-ntlmssp from 0.1.0 to 0.1.1
c77053f 
Bumps [github.com/Azure/go-ntlmssp](https://github.com/Azure/go-ntlmssp) from 0.1.0 to 0.1.1.
- [Release notes](https://github.com/Azure/go-ntlmssp/releases)
- [Commits](Azure/go-ntlmssp@v0.1.0...v0.1.1)

---
updated-dependencies:
- dependency-name: github.com/Azure/go-ntlmssp
  dependency-version: 0.1.1
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/go_modules/github.com/Azure/go-ntlmssp-0.1.1 branch from 4457883 to c77053f Compare April 28, 2026 05:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file go Pull requests that update go code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants