Update KrakenD to v2.12.1

[thedae]

Upgraded Go to 1.25.6 addressing several CVEs with disclosed descriptions:

CVE-2025-61728 Super-linear filename indexing causes DoS on malicious ZIPs (false positive)
CVE-2025-61726 Memory exhaustion from excessive form key-value pairs
CVE-2025-68121 Config.Clone leaks session keys; ignores full cert chain expiration
CVE-2025-61731 CgoPkgConfig flag bypass leads to arbitrary code execution (false positive)
CVE-2025-68119 VCS toolchain misinterpretation enables code exec/file writes (false positive)
CVE-2025-61727 An excluded subdomain constraint in a certificate chain does not restrict the usage of wildcard SANs in the leaf certificate
CVE-2025-61729 Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out.

Upgraded the golang.org/x/crypto package to address CVE-2025-58181 and CVE-2025-47914 (false-positives)

[github-actions]

Diff for 61c3c0b:

diff --git a/_bashbrew-cat b/_bashbrew-cat
index 733d9a0..210e957 100644
--- a/_bashbrew-cat
+++ b/_bashbrew-cat
@@ -1,7 +1,7 @@
 Maintainers: Daniel Ortiz <[email protected]> (@taik0), Daniel López <[email protected]> (@kpacha), Jorge Tarrero <[email protected]> (@thedae), David Hontecillas <[email protected]> (@dhontecillas)
 GitRepo: https://github.com/krakend/docker-library.git
 
-Tags: 2.12.0, 2.12, 2, latest
+Tags: 2.12.1, 2.12, 2, latest
 Architectures: amd64, arm64v8
-GitCommit: 30d1716507fbe8fb80c3b19542240ce21ca5a5b2
-Directory: 2.12.0
+GitCommit: cf19ddf7432cae3758c0164f242aaa02da0c7011
+Directory: 2.12.1
diff --git a/_bashbrew-list b/_bashbrew-list
index 52f1eda..528a5e9 100644
--- a/_bashbrew-list
+++ b/_bashbrew-list
@@ -1,4 +1,4 @@
 krakend:2
 krakend:2.12
-krakend:2.12.0
+krakend:2.12.1
 krakend:latest
diff --git a/krakend_latest/Dockerfile b/krakend_latest/Dockerfile
index 82d657f..4c916dc 100644
--- a/krakend_latest/Dockerfile
+++ b/krakend_latest/Dockerfile
@@ -3,7 +3,7 @@
 #
 # PLEASE DO NOT EDIT IT DIRECTLY.
 #
-FROM alpine:3.21
+FROM alpine:3.23
 
 LABEL org.opencontainers.image.authors="[email protected]"
 
@@ -17,16 +17,16 @@ RUN set -eux; \
 	case "$arch" in \
 		'x86_64') \
 			export GOARCH='amd64' GOOS='linux'; \
-			export KRAKEND_DOWNLOAD_SHA512=ce7e2c685499eaae839e249f094635bd7f96f01c70d96e042f2da870a7b6e610b6f0cfb22aac483ab8cddd52b0c21dc67866913e4919755e38fffc01c4176c49; \
+			export KRAKEND_DOWNLOAD_SHA512=ea7fccc37e2b299a0403cc2b3d540140488120ce8fbd1678e2097753c3b5baf3161b8d8ad4b455cfd5074b15bb08d606bfddeb518011905fb495d6d0bbcab615; \
 			;; \
 		'aarch64') \
 			export GOARCH='arm64' GOOS='linux'; \
-			export KRAKEND_DOWNLOAD_SHA512=60a70fb3e85d03ff13bdf828a681531df8d0c948deb1d7d7316179c351624bd68d5996d5bb06ed0529eb631f84c655a676ae649355e4fcdc2386352fdac4f3c8; \
+			export KRAKEND_DOWNLOAD_SHA512=b51cc1e044bc9ff65506cce22002af906956c88ab4754522ffc855ac55b4f6d079ff5359951c85de4b5dc29995c40b3e6b990bc44a6f0d947721e13bec663b6c; \
 			;; \
 		*) echo >&2 "error: unsupported architecture '$TARGETARCH' (likely packaging update needed)"; exit 1 ;; \
 	esac; \
-    wget -O krakend.tar.gz "https://github.com/krakendio/krakend-ce/releases/download/v2.12.0/krakend_2.12.0_${GOARCH}_alpine.tar.gz"; \
-    wget -O krakend.tar.gz.asc "https://github.com/krakendio/krakend-ce/releases/download/v2.12.0/krakend_2.12.0_${GOARCH}_alpine.tar.gz.asc"; \
+    wget -O krakend.tar.gz "https://github.com/krakendio/krakend-ce/releases/download/v2.12.1/krakend_2.12.1_${GOARCH}_alpine.tar.gz"; \
+    wget -O krakend.tar.gz.asc "https://github.com/krakendio/krakend-ce/releases/download/v2.12.1/krakend_2.12.1_${GOARCH}_alpine.tar.gz.asc"; \
     export GNUPGHOME="$(mktemp -d)"; \
     gpg --batch --keyserver keyserver.ubuntu.com --recv-keys 5B270F2E01E375FD9D5635E25DE6FD698AD6FDD2; \
     gpg --batch --verify krakend.tar.gz.asc krakend.tar.gz; \

Relevant Maintainers:

• krakend: @taik0 @kpacha @thedae @dhontecillas