Backport v5.4: upgrade min go version to 1.23.6 to fix std lib crypto vulnerabilities (#3684)

gerardsn · web-flow · commit 8ff815d970a2 · 2025-02-07T13:36:12.000+01:00
* Backport v5.4: upgrade min go version to 1.23.6 to fix std lib crypto vulnerabilities
diff --git a/Dockerfile b/Dockerfile
@@ -1,5 +1,5 @@
 # golang alpine
-FROM golang:1.23.5-alpine as builder
+FROM golang:1.23.6-alpine AS builder
 
 ARG TARGETARCH
 ARG TARGETOS
diff --git a/docs/pages/release_notes.rst b/docs/pages/release_notes.rst
@@ -3,6 +3,16 @@
 Release notes
 #############
 
+*************************
+Hazelnut update (v5.4.15)
+*************************
+
+Release date: 2025-02-07
+
+- Update minimal GO version to 1.23.6 to fix vulnerabilities in standard library crypto package.
+
+**Full Changelog**: https://github.com/nuts-foundation/nuts-node/compare/v5.4.14...v5.4.15
+
 *************************
 Hazelnut update (v5.4.14)
 *************************
diff --git a/go.mod b/go.mod
@@ -2,7 +2,7 @@ module github.com/nuts-foundation/nuts-node
 
 // This is the minimal version, the actual go version is determined by the images in the Dockerfile
 // This version is used in automated tests such as the 'Scheduled govulncheck' action
-go 1.23.5
+go 1.23.6
 
 require (
 	github.com/alicebob/miniredis/v2 v2.33.0
