Bump Golang 1.10.6 (CVE-2018-16875)

go1.10.6 (released 2018/12/14) - crypto/x509: CPU denial of service in chain validation golang/go#29233 - cmd/go: directory traversal in "go get" via curly braces in import paths golang/go#29231 - cmd/go: remote command execution during "go get -u" golang/go#29230 See the Go 1.10.6 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.10.6 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2018-12-14 01:05:52 +01:00 · 2018-12-14 01:05:52 +01:00 · 6c3a10aaed
parent 3ee6755815
commit 6c3a10aaed
6 changed files with 6 additions and 6 deletions
--- a/appveyor.yml
+++ b/appveyor.yml
@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli

 environment:
  GOPATH: c:\gopath
-  GOVERSION: 1.10.5
+  GOVERSION: 1.10.6
  DEPVERSION: v0.4.1

 install:
--- a/dockerfiles/Dockerfile.binary-native
+++ b/dockerfiles/Dockerfile.binary-native
@ -1,4 +1,4 @@
-FROM    golang:1.10.5-alpine
+FROM    golang:1.10.6-alpine

 RUN     apk add -U git bash coreutils gcc musl-dev

--- a/dockerfiles/Dockerfile.cross
+++ b/dockerfiles/Dockerfile.cross
@ -1,3 +1,3 @@
-FROM    dockercore/golang-cross:1.10.5@sha256:e41607859366a2480445d196a5a502817e5f6ab90e8b5f55db95375fec0c0008
+FROM    dockercore/golang-cross:1.10.6@sha256:2054e793010774e9dbafc808dd550a99f8468013731728bea7fce56681510078
 ENV     DISABLE_WARN_OUTSIDE_CONTAINER=1
 WORKDIR /go/src/github.com/docker/cli
--- a/dockerfiles/Dockerfile.dev
+++ b/dockerfiles/Dockerfile.dev
@ -1,5 +1,5 @@

-FROM    golang:1.10.5-alpine
+FROM    golang:1.10.6-alpine

 RUN     apk add -U git make bash coreutils ca-certificates curl

--- a/dockerfiles/Dockerfile.e2e
+++ b/dockerfiles/Dockerfile.e2e
@ -1,4 +1,4 @@
-ARG GO_VERSION=1.10.5
+ARG GO_VERSION=1.10.6

 FROM docker/containerd-shim-process:a4d1531 AS containerd-shim-process

--- a/dockerfiles/Dockerfile.lint
+++ b/dockerfiles/Dockerfile.lint
@ -1,4 +1,4 @@
-FROM    golang:1.10.5-alpine
+FROM    golang:1.10.6-alpine

 RUN     apk add -U git