Security information

Updated the following middleware component versions to resolve vulnerabilities in MSR:

• [ENGDTR-4405] Golang 1.23.8

Resolved CVEs, as detailed:

CVE	Status	Problem details from upstream
CVE-2025-26519	Resolved	musl libc 0.9.13 through 1.2.5 before 1.2.6 has an out-of-bounds write vulnerability when an attacker can trigger iconv conversion of untrusted EUC-KR text to UTF-8.
CVE-2024-34155	Resolved	Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.
CVE-2024-34156	Resolved	Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.