From 2a5a7d828831b0c5edbf180a0406cefcf741811d Mon Sep 17 00:00:00 2001 
From: Vineeth Bandi Date: Tue, 14 Jan 2025 16:32:29 -0600 Subject: [PATCH] update coredns/coredns 1.29-1.32 (#3524) * update coredns/coredns 1.29-1.32 * checksums * try newer golang version * checksums --- projects/coredns/coredns/1-29/CHECKSUMS | 4 +- projects/coredns/coredns/1-29/GIT_TAG | 2 +- projects/coredns/coredns/1-29/GOLANG_VERSION | 2 +- .../patches/0001-update-quic-go-for-CVE.patch | 46 +++++++++++++++++++ .../0007-Patch-for-CVE-2024-51744.patch | 40 ---------------- projects/coredns/coredns/1-30/CHECKSUMS | 4 +- projects/coredns/coredns/1-30/GIT_TAG | 2 +- projects/coredns/coredns/1-30/GOLANG_VERSION | 2 +- .../0001-Patch-for-CVE-2024-51744.patch | 40 ---------------- .../patches/0001-update-quic-go-for-CVE.patch | 46 +++++++++++++++++++ projects/coredns/coredns/1-31/CHECKSUMS | 4 +- projects/coredns/coredns/1-31/GIT_TAG | 2 +- projects/coredns/coredns/1-31/GOLANG_VERSION | 2 +- .../0001-Patch-for-CVE-2024-51744.patch | 40 ---------------- .../patches/0001-update-quic-go-for-CVE.patch | 46 +++++++++++++++++++ projects/coredns/coredns/1-32/CHECKSUMS | 4 +- projects/coredns/coredns/1-32/GIT_TAG | 2 +- projects/coredns/coredns/1-32/GOLANG_VERSION | 2 +- .../0001-Patch-for-CVE-2024-51744.patch | 40 ---------------- .../patches/0001-update-quic-go-for-CVE.patch | 46 +++++++++++++++++++ 20 files changed, 200 insertions(+), 176 deletions(-) create mode 100644 projects/coredns/coredns/1-29/patches/0001-update-quic-go-for-CVE.patch delete mode 100644 projects/coredns/coredns/1-29/patches/0007-Patch-for-CVE-2024-51744.patch delete mode 100644 projects/coredns/coredns/1-30/patches/0001-Patch-for-CVE-2024-51744.patch create mode 100644 projects/coredns/coredns/1-30/patches/0001-update-quic-go-for-CVE.patch delete mode 100644 projects/coredns/coredns/1-31/patches/0001-Patch-for-CVE-2024-51744.patch create mode 100644 projects/coredns/coredns/1-31/patches/0001-update-quic-go-for-CVE.patch delete mode 100644 
projects/coredns/coredns/1-32/patches/0001-Patch-for-CVE-2024-51744.patch create mode 100644 projects/coredns/coredns/1-32/patches/0001-update-quic-go-for-CVE.patch
diff --git a/projects/coredns/coredns/1-29/CHECKSUMS b/projects/coredns/coredns/1-29/CHECKSUMS
index 006726c2d6..86d6165ecb 100644
--- a/projects/coredns/coredns/1-29/CHECKSUMS
+++ b/projects/coredns/coredns/1-29/CHECKSUMS
@@ -1,2 +1,2 @@
-cc8d02dbd34fd5f97ec455dcd5da6ca87121a6acf03909124753b0544a01c3cc _output/1-29/bin/coredns/linux-amd64/coredns
-64781aacb36ab95d187fcd8dc3939777660c5c719ae112d19cedacaad259ef41 _output/1-29/bin/coredns/linux-arm64/coredns
\ No newline at end of file
+32c1a5d8d224bcb1a329ca34c2bddeb94e080fa28ea30b8ba11bb4a4cb748e7d _output/1-29/bin/coredns/linux-amd64/coredns
+fa5e54a0fe5ed15b34b51f451676761b6688c9107681bc06b9c3a39fd7f4a779 _output/1-29/bin/coredns/linux-arm64/coredns
diff --git a/projects/coredns/coredns/1-29/GIT_TAG b/projects/coredns/coredns/1-29/GIT_TAG
index fd68c8704e..49b0841ecd 100644
--- a/projects/coredns/coredns/1-29/GIT_TAG
+++ b/projects/coredns/coredns/1-29/GIT_TAG
@@ -1 +1 @@
-v1.11.3
\ No newline at end of file
+v1.11.4
\ No newline at end of file
diff --git a/projects/coredns/coredns/1-29/GOLANG_VERSION b/projects/coredns/coredns/1-29/GOLANG_VERSION
index d2ab029d32..a1b6e17d61 100644
--- a/projects/coredns/coredns/1-29/GOLANG_VERSION
+++ b/projects/coredns/coredns/1-29/GOLANG_VERSION
@@ -1 +1 @@
-1.21
+1.23
diff --git a/projects/coredns/coredns/1-29/patches/0001-update-quic-go-for-CVE.patch b/projects/coredns/coredns/1-29/patches/0001-update-quic-go-for-CVE.patch
new file mode 100644
index 0000000000..84d7579c2c
--- /dev/null
+++ b/projects/coredns/coredns/1-29/patches/0001-update-quic-go-for-CVE.patch
@@ -0,0 +1,46 @@
+From e9caa7236d6260032e13ad1b48e6987e4a554191 Mon Sep 17 00:00:00 2001
+From: Todd Neal
+Date: Sat, 7 Dec 2024 17:24:44 +0000
+Subject: [PATCH] update quic-go for CVE
+
+Vulnerability #1: GO-2024-3302
+ quic-go affected by an ICMP Packet Too Large Injection Attack on Linux in
+ github.com/quic-go/quic-go
+ More info: https://pkg.go.dev/vuln/GO-2024-3302
+ Module: github.com/quic-go/quic-go
+ Found in: github.com/quic-go/quic-go@v0.48.1
+ Fixed in: github.com/quic-go/quic-go@v0.48.2
+---
+ go.mod | 2 +-
+ go.sum | 2 ++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/go.mod b/go.mod
+index 353efa08e..b91b68b7e 100644
+--- a/go.mod
++++ b/go.mod
+@@ -28,7 +28,7 @@ require (
+ github.com/prometheus/client_golang v1.20.5
+ github.com/prometheus/client_model v0.6.1
+ github.com/prometheus/common v0.60.1
+- github.com/quic-go/quic-go v0.48.1
++ github.com/quic-go/quic-go v0.48.2
+ go.etcd.io/etcd/api/v3 v3.5.16
+ go.etcd.io/etcd/client/v3 v3.5.16
+ golang.org/x/crypto v0.28.0
+diff --git a/go.sum b/go.sum
+index 42967a59e..32aa89b01 100644
+--- a/go.sum
++++ b/go.sum
+@@ -299,6 +299,8 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg
+ github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
+ github.com/quic-go/quic-go v0.48.1 h1:y/8xmfWI9qmGTc+lBr4jKRUWLGSlSigv847ULJ4hYXA=
+ github.com/quic-go/quic-go v0.48.1/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
++github.com/quic-go/quic-go v0.48.2 h1:wsKXZPeGWpMpCGSWqOcqpW2wZYic/8T3aqiOID0/KWE=
++github.com/quic-go/quic-go v0.48.2/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
+ github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
+ github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
+ github.com/richardartoul/molecule v1.0.1-0.20240531184615-7ca0df43c0b3 h1:4+LEVOB87y175cLJC/mbsgKmoDOjrBldtXvioEy96WY=
+--
+2.40.1
+
diff --git a/projects/coredns/coredns/1-29/patches/0007-Patch-for-CVE-2024-51744.patch b/projects/coredns/coredns/1-29/patches/0007-Patch-for-CVE-2024-51744.patch
deleted file mode 100644
index c055d73bf6..0000000000
--- a/projects/coredns/coredns/1-29/patches/0007-Patch-for-CVE-2024-51744.patch
+++ /dev/null
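Review bot: The new carried patch names its advisory only in the message body (GO-2024-3302), while its filename and Subject line say just "update quic-go for CVE". Naming it `0001-update-quic-go-for-GO-2024-3302.patch`, in the style of the deleted `0007-Patch-for-CVE-2024-51744.patch`, would show from the file list which advisory it covers and when it can be dropped. Its go.sum hunk adds the v0.48.2 `h1:` and `/go.mod` lines but keeps `github.com/quic-go/quic-go v0.48.1 h1:` as context, whereas the removed jwt patch dropped the superseded `h1:` line; regenerating go.sum with `go mod tidy` on the patched tree would likely remove it. This commit also deletes the CVE-2024-51744 patch for 1-29 through 1-32, and nothing visible here shows v1.11.4 requiring `github.com/golang-jwt/jwt/v4 v4.5.1` or later, so that should be confirmed against the v1.11.4 go.mod. The same patch file is added unchanged under 1-30, 1-31 and 1-32.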
@@ -1,40 +0,0 @@
-From 77105c71d212aeab6dcf350fa4da5bdb8c6fa56e Mon Sep 17 00:00:00 2001
-From: sushrk
-Date: Wed, 6 Nov 2024 23:51:08 +0000
-Subject: [PATCH] Patch for CVE-2024-51744
-
----
- go.mod | 2 +-
- go.sum | 3 ++-
- 2 files changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/go.mod b/go.mod
-index 70e142617..6ca11d009 100644
---- a/go.mod
-+++ b/go.mod
-@@ -76,7 +76,7 @@ require (
- github.com/go-openapi/swag v0.22.3 // indirect
- github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
- github.com/gogo/protobuf v1.3.2 // indirect
-- github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
-+ github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
- github.com/golang/protobuf v1.5.4 // indirect
- github.com/google/gnostic-models v0.6.8 // indirect
-diff --git a/go.sum b/go.sum
-index c86508130..165223df8 100644
---- a/go.sum
-+++ b/go.sum
-@@ -116,8 +116,9 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
- github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
- github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
- github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
--github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
- github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-+github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
-+github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
- github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
- github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
---
-2.40.1
diff --git a/projects/coredns/coredns/1-30/CHECKSUMS b/projects/coredns/coredns/1-30/CHECKSUMS
index 32ede89835..407d337fc3 100644
--- a/projects/coredns/coredns/1-30/CHECKSUMS
+++ b/projects/coredns/coredns/1-30/CHECKSUMS
@@ -1,2 +1,2 @@
-cc8d02dbd34fd5f97ec455dcd5da6ca87121a6acf03909124753b0544a01c3cc _output/1-30/bin/coredns/linux-amd64/coredns
-64781aacb36ab95d187fcd8dc3939777660c5c719ae112d19cedacaad259ef41 _output/1-30/bin/coredns/linux-arm64/coredns
\ No newline at end of file
+32c1a5d8d224bcb1a329ca34c2bddeb94e080fa28ea30b8ba11bb4a4cb748e7d _output/1-30/bin/coredns/linux-amd64/coredns
+fa5e54a0fe5ed15b34b51f451676761b6688c9107681bc06b9c3a39fd7f4a779 _output/1-30/bin/coredns/linux-arm64/coredns
diff --git a/projects/coredns/coredns/1-30/GIT_TAG b/projects/coredns/coredns/1-30/GIT_TAG
index 3d461ead64..f5f1545d80 100644
--- a/projects/coredns/coredns/1-30/GIT_TAG
+++ b/projects/coredns/coredns/1-30/GIT_TAG
@@ -1 +1 @@
-v1.11.3
+v1.11.4
diff --git a/projects/coredns/coredns/1-30/GOLANG_VERSION b/projects/coredns/coredns/1-30/GOLANG_VERSION
index d2ab029d32..a1b6e17d61 100644
--- a/projects/coredns/coredns/1-30/GOLANG_VERSION
+++ b/projects/coredns/coredns/1-30/GOLANG_VERSION
@@ -1 +1 @@
-1.21
+1.23
diff --git a/projects/coredns/coredns/1-30/patches/0001-Patch-for-CVE-2024-51744.patch b/projects/coredns/coredns/1-30/patches/0001-Patch-for-CVE-2024-51744.patch
deleted file mode 100644
index c055d73bf6..0000000000
--- a/projects/coredns/coredns/1-30/patches/0001-Patch-for-CVE-2024-51744.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 77105c71d212aeab6dcf350fa4da5bdb8c6fa56e Mon Sep 17 00:00:00 2001
-From: sushrk
-Date: Wed, 6 Nov 2024 23:51:08 +0000
-Subject: [PATCH] Patch for CVE-2024-51744
-
----
- go.mod | 2 +-
- go.sum | 3 ++-
- 2 files changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/go.mod b/go.mod
-index 70e142617..6ca11d009 100644
---- a/go.mod
-+++ b/go.mod
-@@ -76,7 +76,7 @@ require (
- github.com/go-openapi/swag v0.22.3 // indirect
- github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
- github.com/gogo/protobuf v1.3.2 // indirect
-- github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
-+ github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
- github.com/golang/protobuf v1.5.4 // indirect
- github.com/google/gnostic-models v0.6.8 // indirect
-diff --git a/go.sum b/go.sum
-index c86508130..165223df8 100644
---- a/go.sum
-+++ b/go.sum
-@@ -116,8 +116,9 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
- github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
- github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
- github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
--github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
- github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-+github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
-+github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
- github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
- github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
---
-2.40.1
diff --git a/projects/coredns/coredns/1-30/patches/0001-update-quic-go-for-CVE.patch b/projects/coredns/coredns/1-30/patches/0001-update-quic-go-for-CVE.patch
new file mode 100644
index 0000000000..84d7579c2c
--- /dev/null
+++ b/projects/coredns/coredns/1-30/patches/0001-update-quic-go-for-CVE.patch
@@ -0,0 +1,46 @@
+From e9caa7236d6260032e13ad1b48e6987e4a554191 Mon Sep 17 00:00:00 2001
+From: Todd Neal
+Date: Sat, 7 Dec 2024 17:24:44 +0000
+Subject: [PATCH] update quic-go for CVE
+
+Vulnerability #1: GO-2024-3302
+ quic-go affected by an ICMP Packet Too Large Injection Attack on Linux in
+ github.com/quic-go/quic-go
+ More info: https://pkg.go.dev/vuln/GO-2024-3302
+ Module: github.com/quic-go/quic-go
+ Found in: github.com/quic-go/quic-go@v0.48.1
+ Fixed in: github.com/quic-go/quic-go@v0.48.2
+---
+ go.mod | 2 +-
+ go.sum | 2 ++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/go.mod b/go.mod
+index 353efa08e..b91b68b7e 100644
+--- a/go.mod
++++ b/go.mod
+@@ -28,7 +28,7 @@ require (
+ github.com/prometheus/client_golang v1.20.5
+ github.com/prometheus/client_model v0.6.1
+ github.com/prometheus/common v0.60.1
+- github.com/quic-go/quic-go v0.48.1
++ github.com/quic-go/quic-go v0.48.2
+ go.etcd.io/etcd/api/v3 v3.5.16
+ go.etcd.io/etcd/client/v3 v3.5.16
+ golang.org/x/crypto v0.28.0
+diff --git a/go.sum b/go.sum
+index 42967a59e..32aa89b01 100644
+--- a/go.sum
++++ b/go.sum
+@@ -299,6 +299,8 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg
+ github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
+ github.com/quic-go/quic-go v0.48.1 h1:y/8xmfWI9qmGTc+lBr4jKRUWLGSlSigv847ULJ4hYXA=
+ github.com/quic-go/quic-go v0.48.1/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
++github.com/quic-go/quic-go v0.48.2 h1:wsKXZPeGWpMpCGSWqOcqpW2wZYic/8T3aqiOID0/KWE=
++github.com/quic-go/quic-go v0.48.2/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
+ github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
+ github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
+ github.com/richardartoul/molecule v1.0.1-0.20240531184615-7ca0df43c0b3 h1:4+LEVOB87y175cLJC/mbsgKmoDOjrBldtXvioEy96WY=
+--
+2.40.1
+
diff --git a/projects/coredns/coredns/1-31/CHECKSUMS b/projects/coredns/coredns/1-31/CHECKSUMS
index eed6c78823..2de42eaa9a 100644
--- a/projects/coredns/coredns/1-31/CHECKSUMS
+++ b/projects/coredns/coredns/1-31/CHECKSUMS
@@ -1,2 +1,2 @@
-cc8d02dbd34fd5f97ec455dcd5da6ca87121a6acf03909124753b0544a01c3cc _output/1-31/bin/coredns/linux-amd64/coredns
-64781aacb36ab95d187fcd8dc3939777660c5c719ae112d19cedacaad259ef41 _output/1-31/bin/coredns/linux-arm64/coredns
\ No newline at end of file
+32c1a5d8d224bcb1a329ca34c2bddeb94e080fa28ea30b8ba11bb4a4cb748e7d _output/1-31/bin/coredns/linux-amd64/coredns
+fa5e54a0fe5ed15b34b51f451676761b6688c9107681bc06b9c3a39fd7f4a779 _output/1-31/bin/coredns/linux-arm64/coredns
diff --git a/projects/coredns/coredns/1-31/GIT_TAG b/projects/coredns/coredns/1-31/GIT_TAG
index 3d461ead64..f5f1545d80 100644
--- a/projects/coredns/coredns/1-31/GIT_TAG
+++ b/projects/coredns/coredns/1-31/GIT_TAG
@@ -1 +1 @@
-v1.11.3
+v1.11.4
diff --git a/projects/coredns/coredns/1-31/GOLANG_VERSION b/projects/coredns/coredns/1-31/GOLANG_VERSION
index d2ab029d32..a1b6e17d61 100644
--- a/projects/coredns/coredns/1-31/GOLANG_VERSION
+++ b/projects/coredns/coredns/1-31/GOLANG_VERSION
@@ -1 +1 @@
-1.21
+1.23
diff --git a/projects/coredns/coredns/1-31/patches/0001-Patch-for-CVE-2024-51744.patch b/projects/coredns/coredns/1-31/patches/0001-Patch-for-CVE-2024-51744.patch
deleted file mode 100644
index c055d73bf6..0000000000
--- a/projects/coredns/coredns/1-31/patches/0001-Patch-for-CVE-2024-51744.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 77105c71d212aeab6dcf350fa4da5bdb8c6fa56e Mon Sep 17 00:00:00 2001
-From: sushrk
-Date: Wed, 6 Nov 2024 23:51:08 +0000
-Subject: [PATCH] Patch for CVE-2024-51744
-
----
- go.mod | 2 +-
- go.sum | 3 ++-
- 2 files changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/go.mod b/go.mod
-index 70e142617..6ca11d009 100644
---- a/go.mod
-+++ b/go.mod
-@@ -76,7 +76,7 @@ require (
- github.com/go-openapi/swag v0.22.3 // indirect
- github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
- github.com/gogo/protobuf v1.3.2 // indirect
-- github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
-+ github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
- github.com/golang/protobuf v1.5.4 // indirect
- github.com/google/gnostic-models v0.6.8 // indirect
-diff --git a/go.sum b/go.sum
-index c86508130..165223df8 100644
---- a/go.sum
-+++ b/go.sum
-@@ -116,8 +116,9 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
- github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
- github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
- github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
--github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
- github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-+github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
-+github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
- github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
- github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
---
-2.40.1
diff --git a/projects/coredns/coredns/1-31/patches/0001-update-quic-go-for-CVE.patch b/projects/coredns/coredns/1-31/patches/0001-update-quic-go-for-CVE.patch
new file mode 100644
index 0000000000..84d7579c2c
--- /dev/null
+++ b/projects/coredns/coredns/1-31/patches/0001-update-quic-go-for-CVE.patch
@@ -0,0 +1,46 @@
+From e9caa7236d6260032e13ad1b48e6987e4a554191 Mon Sep 17 00:00:00 2001
+From: Todd Neal
+Date: Sat, 7 Dec 2024 17:24:44 +0000
+Subject: [PATCH] update quic-go for CVE
+
+Vulnerability #1: GO-2024-3302
+ quic-go affected by an ICMP Packet Too Large Injection Attack on Linux in
+ github.com/quic-go/quic-go
+ More info: https://pkg.go.dev/vuln/GO-2024-3302
+ Module: github.com/quic-go/quic-go
+ Found in: github.com/quic-go/quic-go@v0.48.1
+ Fixed in: github.com/quic-go/quic-go@v0.48.2
+---
+ go.mod | 2 +-
+ go.sum | 2 ++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/go.mod b/go.mod
+index 353efa08e..b91b68b7e 100644
+--- a/go.mod
++++ b/go.mod
+@@ -28,7 +28,7 @@ require (
+ github.com/prometheus/client_golang v1.20.5
+ github.com/prometheus/client_model v0.6.1
+ github.com/prometheus/common v0.60.1
+- github.com/quic-go/quic-go v0.48.1
++ github.com/quic-go/quic-go v0.48.2
+ go.etcd.io/etcd/api/v3 v3.5.16
+ go.etcd.io/etcd/client/v3 v3.5.16
+ golang.org/x/crypto v0.28.0
+diff --git a/go.sum b/go.sum
+index 42967a59e..32aa89b01 100644
+--- a/go.sum
++++ b/go.sum
+@@ -299,6 +299,8 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg
+ github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
+ github.com/quic-go/quic-go v0.48.1 h1:y/8xmfWI9qmGTc+lBr4jKRUWLGSlSigv847ULJ4hYXA=
+ github.com/quic-go/quic-go v0.48.1/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
++github.com/quic-go/quic-go v0.48.2 h1:wsKXZPeGWpMpCGSWqOcqpW2wZYic/8T3aqiOID0/KWE=
++github.com/quic-go/quic-go v0.48.2/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
+ github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
+ github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
+ github.com/richardartoul/molecule v1.0.1-0.20240531184615-7ca0df43c0b3 h1:4+LEVOB87y175cLJC/mbsgKmoDOjrBldtXvioEy96WY=
+--
+2.40.1
+
diff --git a/projects/coredns/coredns/1-32/CHECKSUMS b/projects/coredns/coredns/1-32/CHECKSUMS
index 690a8349fd..05ed800c39 100644
--- a/projects/coredns/coredns/1-32/CHECKSUMS
+++ b/projects/coredns/coredns/1-32/CHECKSUMS
@@ -1,2 +1,2 @@
-cc8d02dbd34fd5f97ec455dcd5da6ca87121a6acf03909124753b0544a01c3cc _output/1-32/bin/coredns/linux-amd64/coredns
-64781aacb36ab95d187fcd8dc3939777660c5c719ae112d19cedacaad259ef41 _output/1-32/bin/coredns/linux-arm64/coredns
+32c1a5d8d224bcb1a329ca34c2bddeb94e080fa28ea30b8ba11bb4a4cb748e7d _output/1-32/bin/coredns/linux-amd64/coredns
+fa5e54a0fe5ed15b34b51f451676761b6688c9107681bc06b9c3a39fd7f4a779 _output/1-32/bin/coredns/linux-arm64/coredns
diff --git a/projects/coredns/coredns/1-32/GIT_TAG b/projects/coredns/coredns/1-32/GIT_TAG
index 3d461ead64..f5f1545d80 100644
--- a/projects/coredns/coredns/1-32/GIT_TAG
+++ b/projects/coredns/coredns/1-32/GIT_TAG
@@ -1 +1 @@
-v1.11.3
+v1.11.4
diff --git a/projects/coredns/coredns/1-32/GOLANG_VERSION b/projects/coredns/coredns/1-32/GOLANG_VERSION
index d2ab029d32..a1b6e17d61 100644
--- a/projects/coredns/coredns/1-32/GOLANG_VERSION
+++ b/projects/coredns/coredns/1-32/GOLANG_VERSION
@@ -1 +1 @@
-1.21
+1.23
diff --git a/projects/coredns/coredns/1-32/patches/0001-Patch-for-CVE-2024-51744.patch b/projects/coredns/coredns/1-32/patches/0001-Patch-for-CVE-2024-51744.patch
deleted file mode 100644
index c055d73bf6..0000000000
--- a/projects/coredns/coredns/1-32/patches/0001-Patch-for-CVE-2024-51744.patch
+++ /dev/null
@@ -1,40 +0,0 @@
-From 77105c71d212aeab6dcf350fa4da5bdb8c6fa56e Mon Sep 17 00:00:00 2001
-From: sushrk
-Date: Wed, 6 Nov 2024 23:51:08 +0000
-Subject: [PATCH] Patch for CVE-2024-51744
-
----
- go.mod | 2 +-
- go.sum | 3 ++-
- 2 files changed, 3 insertions(+), 2 deletions(-)
-
-diff --git a/go.mod b/go.mod
-index 70e142617..6ca11d009 100644
---- a/go.mod
-+++ b/go.mod
-@@ -76,7 +76,7 @@ require (
- github.com/go-openapi/swag v0.22.3 // indirect
- github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect
- github.com/gogo/protobuf v1.3.2 // indirect
-- github.com/golang-jwt/jwt/v4 v4.5.0 // indirect
-+ github.com/golang-jwt/jwt/v4 v4.5.1 // indirect
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
- github.com/golang/protobuf v1.5.4 // indirect
- github.com/google/gnostic-models v0.6.8 // indirect
-diff --git a/go.sum b/go.sum
-index c86508130..165223df8 100644
---- a/go.sum
-+++ b/go.sum
-@@ -116,8 +116,9 @@ github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
- github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
- github.com/golang-jwt/jwt/v4 v4.0.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
- github.com/golang-jwt/jwt/v4 v4.2.0/go.mod h1:/xlHOz8bRuivTWchD4jCa+NbatV+wEUSzwAxVc6locg=
--github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
- github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-+github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
-+github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
- github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
- github.com/golang/groupcache v0.0.0-20200121045136-8c9f03a8e57e/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
- github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da h1:oI5xCqsCo564l8iNU+DwB5epxmsaqB+rhGL0m5jtYqE=
---
-2.40.1
diff --git a/projects/coredns/coredns/1-32/patches/0001-update-quic-go-for-CVE.patch b/projects/coredns/coredns/1-32/patches/0001-update-quic-go-for-CVE.patch
new file mode 100644
index 0000000000..84d7579c2c
--- /dev/null
+++ b/projects/coredns/coredns/1-32/patches/0001-update-quic-go-for-CVE.patch
@@ -0,0 +1,46 @@
+From e9caa7236d6260032e13ad1b48e6987e4a554191 Mon Sep 17 00:00:00 2001
+From: Todd Neal
+Date: Sat, 7 Dec 2024 17:24:44 +0000
+Subject: [PATCH] update quic-go for CVE
+
+Vulnerability #1: GO-2024-3302
+ quic-go affected by an ICMP Packet Too Large Injection Attack on Linux in
+ github.com/quic-go/quic-go
+ More info: https://pkg.go.dev/vuln/GO-2024-3302
+ Module: github.com/quic-go/quic-go
+ Found in: github.com/quic-go/quic-go@v0.48.1
+ Fixed in: github.com/quic-go/quic-go@v0.48.2
+---
+ go.mod | 2 +-
+ go.sum | 2 ++
+ 2 files changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/go.mod b/go.mod
+index 353efa08e..b91b68b7e 100644
+--- a/go.mod
++++ b/go.mod
+@@ -28,7 +28,7 @@ require (
+ github.com/prometheus/client_golang v1.20.5
+ github.com/prometheus/client_model v0.6.1
+ github.com/prometheus/common v0.60.1
+- github.com/quic-go/quic-go v0.48.1
++ github.com/quic-go/quic-go v0.48.2
+ go.etcd.io/etcd/api/v3 v3.5.16
+ go.etcd.io/etcd/client/v3 v3.5.16
+ golang.org/x/crypto v0.28.0
+diff --git a/go.sum b/go.sum
+index 42967a59e..32aa89b01 100644
+--- a/go.sum
++++ b/go.sum
+@@ -299,6 +299,8 @@ github.com/prometheus/procfs v0.15.1 h1:YagwOFzUgYfKKHX6Dr+sHT7km/hxC76UB0leargg
+ github.com/prometheus/procfs v0.15.1/go.mod h1:fB45yRUv8NstnjriLhBQLuOUt+WW4BsoGhij/e3PBqk=
+ github.com/quic-go/quic-go v0.48.1 h1:y/8xmfWI9qmGTc+lBr4jKRUWLGSlSigv847ULJ4hYXA=
+ github.com/quic-go/quic-go v0.48.1/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
++github.com/quic-go/quic-go v0.48.2 h1:wsKXZPeGWpMpCGSWqOcqpW2wZYic/8T3aqiOID0/KWE=
++github.com/quic-go/quic-go v0.48.2/go.mod h1:yBgs3rWBOADpga7F+jJsb6Ybg1LSYiQvwWlLX+/6HMs=
+ github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
+ github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
+ github.com/richardartoul/molecule v1.0.1-0.20240531184615-7ca0df43c0b3 h1:4+LEVOB87y175cLJC/mbsgKmoDOjrBldtXvioEy96WY=
+--
+2.40.1
+