chore: fix CVE-2025-22871

[ryanzhang-oss]

What type of PR is this?
/kind security

What this PR does / why we need it:

Which issue(s) this PR fixes:

Fixes #

Requirements:

• run make reviewable for basic local test
• Read and followed fleet-networking's Code of conduct.
• uses conventional commit messages
• includes documentation
• adds unit tests

How has this code been tested

Special notes for your reviewer

[kaito-pr-agent]

Title

(Describe updated until commit cc26007)

Update Go version to 1.23.8 to address CVE-2025-22871

---

Description

• Updated Go version to 1.23.8 across workflows and Dockerfiles

• Addresses CVE-2025-22871 by upgrading Go

---

Changes walkthrough 📝

Relevant files

Security

10 files build-publish-mcr.yml Updated GO_VERSION to 1.23.8                                                          +1/-1      e2e-tests.yml Updated GO_VERSION to 1.23.8                                                          +1/-1      go.yml Updated GO_VERSION to 1.23.8                                                          +1/-1      publish-image.yml Updated GO_VERSION to 1.23.8                                                          +1/-1      trivy.yml Updated GO_VERSION to 1.23.8                                                          +1/-1      unit-integration-tests.yml Updated GO_VERSION to 1.23.8                                                          +1/-1      hub-net-controller-manager.Dockerfile Updated Go version to 1.23.8                                                          +1/-1      mcs-controller-manager.Dockerfile Updated Go version to 1.23.8                                                          +1/-1      member-net-controller-manager.Dockerfile Updated Go version to 1.23.8                                                          +1/-1      go.mod Updated Go version to 1.23.8                                                          +1/-1

---

Need help?

Type /help how to ... in the comments thread for any questions about PR-Agent usage.

Check out the documentation for more information.

[kaito-pr-agent]

PR Reviewer Guide 🔍

(Review updated until commit cc26007)

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 2 🔵🔵⚪⚪⚪

🧪 No relevant tests

🔒 No security concerns identified

⚡ Recommended focus areas for review Version Consistency Ensure that all Go version references across the project are consistent and that updating to 1.23.8 does not break existing functionality. go 1.23.8

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 80.28%. Comparing base (9a65071) to head (cc26007).
Report is 2 commits behind head on main.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #295      +/-   ##
==========================================
- Coverage   80.50%   80.28%   -0.22%     
==========================================
  Files          29       29              
  Lines        4099     4099              
==========================================
- Hits         3300     3291       -9     
- Misses        634      643       +9     
  Partials      165      165              

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.