mirror of https://github.com/status-im/consul.git
[NET-8368] security: bump Go version to 1.21.8 (#20812)
* [NET-8368] Bump Go version
This commit is contained in:
parent
bfbc0ee4fd
commit
e9029ccd7a
|
@ -0,0 +1,14 @@
|
||||||
|
```release-note:security
|
||||||
|
Upgrade to use Go `1.21.8`. This resolves CVEs
|
||||||
|
[CVE-2024-24783](https://nvd.nist.gov/vuln/detail/CVE-2024-24783) (`crypto/x509`).
|
||||||
|
[CVE-2023-45290](https://nvd.nist.gov/vuln/detail/CVE-2023-45290) (`net/http`).
|
||||||
|
[CVE-2023-45289](https://nvd.nist.gov/vuln/detail/CVE-2023-45289) (`net/http`, `net/http/cookiejar`).
|
||||||
|
[CVE-2024-24785](https://nvd.nist.gov/vuln/detail/CVE-2024-24785) (`html/template`).
|
||||||
|
[CVE-2024-24784](https://nvd.nist.gov/vuln/detail/CVE-2024-24784) (`net/mail`).
|
||||||
|
```
|
||||||
|
|
||||||
|
```release-note:security
|
||||||
|
Update the Consul Build Go base image to `alpine3.19`. This resolves CVEs
|
||||||
|
[CVE-2023-52425](https://nvd.nist.gov/vuln/detail/CVE-2023-52425)
|
||||||
|
[CVE-2023-52426](https://nvd.nist.gov/vuln/detail/CVE-2023-52426)
|
||||||
|
```
|
|
@ -1 +1 @@
|
||||||
1.21.7
|
1.21.8
|
||||||
|
|
|
@ -2,6 +2,6 @@
|
||||||
# SPDX-License-Identifier: BUSL-1.1
|
# SPDX-License-Identifier: BUSL-1.1
|
||||||
|
|
||||||
ARG GOLANG_VERSION
|
ARG GOLANG_VERSION
|
||||||
FROM golang:${GOLANG_VERSION}
|
FROM golang:${GOLANG_VERSION}-alpine3.19
|
||||||
|
|
||||||
WORKDIR /consul
|
WORKDIR /consul
|
||||||
|
|
Loading…
Reference in New Issue