Update Dependencies to resolve known CVEs

[wSedlacek]

Describe the bug
There are several known CVEs found within the dependencies of the stable image.

https://quay.io/repository/mittwald/kube-httpcache/manifest/sha256:ed153b482be398b8d979cf4983b1936a97ca734837aac588e4e5e2f3fca58cbe?tab=vulnerabilities&fixable=true

To Reproduce
Use Docker Scout or a similar CVE scanner to check the stable image.

Expected behavior
It's not entirely unreasonable for there to be some CVEs found within the dependencies, but since there hasn't been an update to the image in 7 months many of these vulnerabilities are likely very easily fixed with some dependency bumps.

Perhaps dependabot or a similar tool with some CI steps to automate the deployments could help reduce the time cost with updating the images moving forward keeping this project healthier?

[animus888]

There have been some updates recently — I now see fewer findings in the scanner 🥳
@wSedlacek check it out.

Since the image is based on Debian Bullseye (which is still LTS), that’s great.
But maybe there are some packages that are not needed and can be removed in the Dockerfile to reduce the surface area for example libdb5.3, zlib1g?

[animus888]

Some of the findings would be fixed with a minor image update to -> golang:1.24.4-bullseye 💡