df209212cf
- https://github.com/golang/go/issues?q=milestone%3AGo1.23.7+label%3ACherryPickApproved - full diff: https://github.com/golang/go/compare/go1.23.6...go1.23.7 These minor releases include 1 security fixes following the security policy: net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs Matching of hosts against proxy patterns could improperly treat an IPv6 zone ID as a hostname component. For example, when the NO_PROXY environment variable was set to "*.example.com", a request to "[::1%25.example.com]:80` would incorrectly match and not be proxied. Thanks to Juho Forsén of Mattermost for reporting this issue. This is CVE-2025-22870 and Go issue https://go.dev/issue/71984. View the release notes for more information: https://go.dev/doc/devel/release#go1.23.7 Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>