status-im
/
consul
mirror of https://github.com/status-im/consul.git
2
0
Fork 0
Code Issues Projects Releases Wiki Activity

[NET-4865] security: Update Go version to 1.20.6 (#18190) 

Update Go version to 1.20.6

This resolves [CVE-2023-29406]
(https://nvd.nist.gov/vuln/detail/CVE-2023-29406) for uses of the
`net/http` standard library.

Note that until the follow-up to #18124 is done, the version of Go used
in those impacted tests will need to remain on 1.20.5.
This commit is contained in:
Michael Zalimeni 2023-07-19 17:02:18 -04:00 committed by GitHub
parent 003370ded0
commit e8dd04d662
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 17 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
.changelog/18190.txt Normal file
View File

@ -0,0 +1,5 @@
```release-note:security
Upgrade to use Go 1.20.6.
This resolves [CVE-2023-29406](https://github.com/advisories/GHSA-f8f7-69v5-w4vx)(`net/http`) for uses of the standard library.
A separate change updates dependencies on `golang.org/x/net` to use `0.12.0`.
```

22
.github/workflows/build.yml vendored
View File

@ -84,15 +84,15 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- {go: "1.20.4", goos: "linux", goarch: "386"} - {go: "1.20.6", goos: "linux", goarch: "386"}
- {go: "1.20.4", goos: "linux", goarch: "amd64"} - {go: "1.20.6", goos: "linux", goarch: "amd64"}
- {go: "1.20.4", goos: "linux", goarch: "arm"} - {go: "1.20.6", goos: "linux", goarch: "arm"}
- {go: "1.20.4", goos: "linux", goarch: "arm64"} - {go: "1.20.6", goos: "linux", goarch: "arm64"}
- {go: "1.20.4", goos: "freebsd", goarch: "386"} - {go: "1.20.6", goos: "freebsd", goarch: "386"}
- {go: "1.20.4", goos: "freebsd", goarch: "amd64"} - {go: "1.20.6", goos: "freebsd", goarch: "amd64"}
- {go: "1.20.4", goos: "windows", goarch: "386"} - {go: "1.20.6", goos: "windows", goarch: "386"}
- {go: "1.20.4", goos: "windows", goarch: "amd64"} - {go: "1.20.6", goos: "windows", goarch: "amd64"}
- {go: "1.20.4", goos: "solaris", goarch: "amd64"} - {go: "1.20.6", goos: "solaris", goarch: "amd64"}
fail-fast: true fail-fast: true
name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
@ -181,7 +181,7 @@ jobs:
strategy: strategy:
matrix: matrix:
include: include:
- {go: "1.20.4", goos: "linux", goarch: "s390x"} - {go: "1.20.6", goos: "linux", goarch: "s390x"}
fail-fast: true fail-fast: true
name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
@ -232,7 +232,7 @@ jobs:
matrix: matrix:
goos: [ darwin ] goos: [ darwin ]
goarch: [ "amd64", "arm64" ] goarch: [ "amd64", "arm64" ]
go: [ "1.20.4" ] go: [ "1.20.6" ]
fail-fast: true fail-fast: true
name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build

2
build-support/docker/Build-Go.dockerfile
View File

@ -1,7 +1,7 @@
# Copyright (c) HashiCorp, Inc. # Copyright (c) HashiCorp, Inc.
# SPDX-License-Identifier: MPL-2.0 # SPDX-License-Identifier: MPL-2.0
ARG GOLANG_VERSION=1.20.4 ARG GOLANG_VERSION=1.20.6
FROM golang:${GOLANG_VERSION} FROM golang:${GOLANG_VERSION}
WORKDIR /consul WORKDIR /consul