Bump Go to 1.25.5 / 1.24.11

[ivanvc]

What would you like to be added?

Go 1.25.5 and 1.24.11 were released yesterday; they include fixes in crypto/x509 for CVEs: CVE-2025-61729 and CVE-2025-61727. According to our Dependency management documentation, we want to stay on the latest patch version. This means updating our stable branches to 1.24.11 and main to 1.25.5.

Progress track:

• etcd
  • main: go v1.25.5 - build(deps): update go version to 1.25.5 #20992
  • release-3.6: go v1.24.11
  • release-3.5: go v1.24.11
  • release-3.4: go v1.24.11
  • CHANGELOG
• bbolt
  • main: go v1.24.11
  • release-1.4: v1.24.11
  • release-1.3: v1.24.11
• raft
  • main: go v1.24.11
  • release-3.6: go v1.24.11
• etcd-io/gofail master: go v1.24.11
• etcd-io/auger main: go v1.25.5
• etcd-io/etcd-operator: go v1.25.5
• etcd-io/protodoc: go v1.24.11

Why is this needed?

To keep our Go version up to date and to address CVEs: CVE-2025-61729 and CVE-2025-61727

[ivanvc]

cc. @hwdef

[hwdef]

I want to do this, thanks!

[ivanvc]

/assign @hwdef

[ronaldngounou]

Hi @ivanvc , @hwdef ,
Have we considered mechanisms to automate this process in the past?