From c9c5992c6f1575bbb95710e82455620df9cc22cd Mon Sep 17 00:00:00 2001
From: Michal Nowacki <mnowacki@newrelic.com>
Date: Thu, 19 Dec 2024 18:53:12 -0500
Subject: [PATCH] security(daemon): upgrade golang.org/x/net to v0.33.0 (#999)

Address CVE-2024-45338 by upgrading golang.org/x/net to v0.33.0

go get golang.org/x/net@v0.33.0
go: upgraded golang.org/x/net v0.23.0 => v0.33.0
go: upgraded golang.org/x/sys v0.18.0 => v0.28.0
go: upgraded golang.org/x/text v0.14.0 => v0.21.0
---
 daemon/go.mod |  7 ++++---
 daemon/go.sum | 12 ++++++------
 2 files changed, 10 insertions(+), 9 deletions(-)

diff --git a/daemon/go.mod b/daemon/go.mod
index 5fb45e76e..5685974d5 100644
--- a/daemon/go.mod
+++ b/daemon/go.mod
@@ -1,18 +1,19 @@
 module github.com/newrelic/newrelic-php-agent/daemon
 
 go 1.21
+
 toolchain go1.23.1
 
 require (
 	github.com/golang/protobuf v1.5.3
 	github.com/google/flatbuffers v23.5.26+incompatible
-	golang.org/x/net v0.23.0
+	golang.org/x/net v0.33.0
 	google.golang.org/grpc v1.61.0
 	google.golang.org/protobuf v1.33.0
 )
 
 require (
-	golang.org/x/sys v0.18.0 // indirect
-	golang.org/x/text v0.14.0 // indirect
+	golang.org/x/sys v0.28.0 // indirect
+	golang.org/x/text v0.21.0 // indirect
 	google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 // indirect
 )
diff --git a/daemon/go.sum b/daemon/go.sum
index f7f322d87..8ede3e252 100644
--- a/daemon/go.sum
+++ b/daemon/go.sum
@@ -6,12 +6,12 @@ github.com/google/flatbuffers v23.5.26+incompatible/go.mod h1:1AeVuKshWv4vARoZat
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs=
-golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
-golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
-golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
-golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
+golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I=
+golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4=
+golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA=
+golang.org/x/sys v0.28.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
+golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo=
+golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
 golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17 h1:Jyp0Hsi0bmHXG6k9eATXoYtjd6e2UzZ1SCn/wIupY14=
 google.golang.org/genproto/googleapis/rpc v0.0.0-20231106174013-bbf56f31fb17/go.mod h1:oQ5rr10WTTMvP4A36n8JpR1OrO1BEiV4f78CneXZxkA=