From 168649fce78aa10815c33f2307ec46846d10459c Mon Sep 17 00:00:00 2001
From: Christopher Henderson <chris@chenderson.org>
Date: Sat, 4 Jan 2025 15:09:25 -0800
Subject: [PATCH] Patch for CVE-2024-45338 (#908)

---
 v3/cmd/genTestCerts/go.mod | 2 +-
 v3/cmd/genTestCerts/go.sum | 2 ++
 v3/cmd/gen_test_crl/go.mod | 2 +-
 v3/cmd/gen_test_crl/go.sum | 2 ++
 v3/go.mod                  | 2 +-
 v3/go.sum                  | 2 ++
 6 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/v3/cmd/genTestCerts/go.mod b/v3/cmd/genTestCerts/go.mod
index 683a534b0..c29dbcf51 100644
--- a/v3/cmd/genTestCerts/go.mod
+++ b/v3/cmd/genTestCerts/go.mod
@@ -12,6 +12,6 @@ require (
 require (
 	github.com/weppos/publicsuffix-go v0.40.2 // indirect
 	golang.org/x/crypto v0.31.0 // indirect
-	golang.org/x/net v0.27.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
 	golang.org/x/text v0.21.0 // indirect
 )
diff --git a/v3/cmd/genTestCerts/go.sum b/v3/cmd/genTestCerts/go.sum
index 843228c11..e403a0279 100644
--- a/v3/cmd/genTestCerts/go.sum
+++ b/v3/cmd/genTestCerts/go.sum
@@ -82,6 +82,8 @@ golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
 golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
diff --git a/v3/cmd/gen_test_crl/go.mod b/v3/cmd/gen_test_crl/go.mod
index a89756cdb..4f9fc91b9 100644
--- a/v3/cmd/gen_test_crl/go.mod
+++ b/v3/cmd/gen_test_crl/go.mod
@@ -13,7 +13,7 @@ require (
 require (
 	github.com/weppos/publicsuffix-go v0.40.2 // indirect
 	golang.org/x/crypto v0.31.0 // indirect
-	golang.org/x/net v0.27.0 // indirect
+	golang.org/x/net v0.33.0 // indirect
 	golang.org/x/sys v0.28.0 // indirect
 	golang.org/x/text v0.21.0 // indirect
 )
diff --git a/v3/cmd/gen_test_crl/go.sum b/v3/cmd/gen_test_crl/go.sum
index e802bdd36..e6b0cc8e0 100644
--- a/v3/cmd/gen_test_crl/go.sum
+++ b/v3/cmd/gen_test_crl/go.sum
@@ -96,6 +96,8 @@ golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
 golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
diff --git a/v3/go.mod b/v3/go.mod
index f1b04033d..e9a214e22 100644
--- a/v3/go.mod
+++ b/v3/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/sirupsen/logrus v1.9.3
 	github.com/zmap/zcrypto v0.0.0-20240803002437-3a861682ac77
 	golang.org/x/crypto v0.31.0
-	golang.org/x/net v0.27.0
+	golang.org/x/net v0.33.0
 	golang.org/x/text v0.21.0
 )
 
diff --git a/v3/go.sum b/v3/go.sum
index 9855af98a..ec8003090 100644
--- a/v3/go.sum
+++ b/v3/go.sum
@@ -86,6 +86,8 @@ golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
 golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
 golang.org/x/net v0.27.0 h1:5K3Njcw06/l2y9vpGCSdcxWOYHOUk3dVNGDXN+FvAys=
 golang.org/x/net v0.27.0/go.mod h1:dDi0PyhWNoiUOrAS8uXv/vnScO4wnHQO4mj9fn/RytE=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
 golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=