Description of the patch:
This update for azure-storage-azcopy fixes the following issues
Update to 10.32.4:
- CVE-2025-47907: database/sql: incorrect results returned from Rows.Scan (bsc#1247720).
- CVE-2026-33186: google.golang.org/grpc: authorization bypass due to improper validation of the HTTP/2: path pseudo-
header (bsc#1260307).
- CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE
(bsc#1265841).
- CVE-2026-34986: github.com/go-jose/go-jose/v4: crafted JWE input with a missing encrypted key can lead to a denial of
service (bsc#1262962).
- CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation
bypass and privilege escalation (bsc#1266657).
Changes:
- Remove 32-bit Windows ARM7 build
- Cover other open CVEs (bsc#1266657, CVE-2026-39821)
- Update otel sdk
- Update packages and add patch version
- Update version.go
- Error formatting
- Add test to validate changes
- Update Changelog
- Alter intentional panics to return errors
- Correct issues re: MSRC case #110341
- Update offending packages
- cloud.google.com/go/storage v1.45.0 -> v1.50.0
- Golang 1.24.13 -> 1.25.8
- Golangci-lint v1.64.8 -> v2.11.3
- Fixed a regression where the folder tracker would panic with
pre-existing folders and --overwrite=ifSourceNewer. (#3403)
- Fixed a regression where cancellation was not working via stdin (#3373)
- Fixed a regression where we hit segfaults from logging
to a nil logger in the process checker. (#3384)
- Fixed a race condition panic from concurrent access to a
shared metadata resource by introducing thread safety. (#3341)
- Fixed a bug where --posix-properties-style was not being chained
through the copy flow correctly. (#3401)
- Fixed a regression where in tandem use of --list-of-files
and --include-pattern no longer worked. (#3389)
- Golang 1.24.11 -> 1.24.13
- Added support for AMLFS style posix...