From d44a945ca17226f0e151031ed7a9ef80a50a21ad Mon Sep 17 00:00:00 2001
From: RainbowMango <qdurenhongcai@gmail.com>
Date: Thu, 20 Nov 2025 16:08:05 +0800
Subject: [PATCH] Bump Golang version to v1.24.10 to address CVE-2025-47907,
 CVE-2025-47906

Signed-off-by: RainbowMango <qdurenhongcai@gmail.com>
---
 Dockerfile | 2 +-
 Makefile   | 2 +-
 go.mod     | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 5a3b4ea89..e4351b6e7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,7 +1,7 @@
 # Update the base image in Makefile when updating golang version. This has to
 # be pre-pulled in order to work on GCB.
 ARG ARCH
-FROM golang:1.24.5 as build
+FROM golang:1.24.10 as build
 
 WORKDIR /go/src/sigs.k8s.io/metrics-server
 COPY go.mod .
diff --git a/Makefile b/Makefile
index cef265069..d88a8cb0a 100644
--- a/Makefile
+++ b/Makefile
@@ -81,7 +81,7 @@ CONTAINER_ARCH_TARGETS=$(addprefix container-,$(ALL_ARCHITECTURES))
 container:
 	# Pull base image explicitly. Keep in sync with Dockerfile, otherwise
 	# GCB builds will start failing.
-	${CONTAINER_CLI} pull golang:1.24.5
+	${CONTAINER_CLI} pull golang:1.24.10
 	${CONTAINER_CLI} build -t $(REGISTRY)/metrics-server-$(ARCH):$(CHECKSUM) --build-arg ARCH=$(ARCH) --build-arg GIT_TAG=$(GIT_TAG) --build-arg GIT_COMMIT=$(GIT_COMMIT) .
 
 .PHONY: container-all
diff --git a/go.mod b/go.mod
index 4092b9832..4f8a7fcce 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module sigs.k8s.io/metrics-server
 
-go 1.24.5
+go 1.24.10
 
 require (
 	github.com/google/go-cmp v0.7.0