fix: upgrade Go to 1.25.5 to address CVE-2025-61729 and CVE-2025-61727 (#2501)

jjbustamante · claude · web-flow · commit dc9220d34a03 · 2025-12-10T07:39:43.000-05:00
This commit updates the Go version from 1.25.3 to 1.25.5 to fix two security vulnerabilities in the Go standard library. 🤖 Generated with [Claude Code](https://claude.com/claude-code) Signed-off-by: Juan Bustamante <bustamantejj@gmail.com> Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
diff --git a/go.mod b/go.mod
@@ -156,4 +156,4 @@ require (
 
 replace github.com/BurntSushi/toml => github.com/BurntSushi/toml v1.3.2
 
-go 1.25.3
+go 1.25.5
diff --git a/tools/go.mod b/tools/go.mod
@@ -2,7 +2,7 @@ module github.com/buildpacks/pack/tools
 
 go 1.25.0
 
-toolchain go1.25.3
+toolchain go1.25.5
 
 require (
 	github.com/golang/mock v1.6.0

Original file line number	Diff line number	Diff line change
`@@ -156,4 +156,4 @@ require (`
`156`	`156`
`157`	`157`	`replace github.com/BurntSushi/toml => github.com/BurntSushi/toml v1.3.2`
`158`	`158`
`159`		`-go 1.25.3`
	`159`	`+go 1.25.5`