Guest24897
/
DockerCLI
mirror of https://github.com/docker/cli.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update to go1.22.7 

- https://github.com/golang/go/issues?q=milestone%3AGo1.22.7+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.22.6...go1.22.7

These minor releases include 3 security fixes following the security policy:

- go/parser: stack exhaustion in all Parse* functions

    Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.

    This is CVE-2024-34155 and Go issue https://go.dev/issue/69138.

- encoding/gob: stack exhaustion in Decoder.Decode

    Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion.

    This is a follow-up to CVE-2022-30635.

    Thanks to Md Sakib Anwar of The Ohio State University (anwar.40@osu.edu) for reporting this issue.

    This is CVE-2024-34156 and Go issue https://go.dev/issue/69139.

- go/build/constraint: stack exhaustion in Parse

    Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.

    This is CVE-2024-34158 and Go issue https://go.dev/issue/69141.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.23.1

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This commit is contained in:
Paweł Gronowski 2024-09-05 17:51:27 +02:00
parent 2b6d2d98d8
commit 3bf39d25a0
No known key found for this signature in database
GPG Key ID: B85EFCFE26DEF92A
7 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/test.yml vendored
View File

@ -68,7 +68,7 @@ jobs:
name: Set up Go name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: 1.22.6 go-version: 1.22.7
- -
name: Test name: Test
run: | run: |

2
Dockerfile
View File

@ -4,7 +4,7 @@ ARG BASE_VARIANT=alpine
ARG ALPINE_VERSION=3.20 ARG ALPINE_VERSION=3.20
ARG BASE_DEBIAN_DISTRO=bookworm ARG BASE_DEBIAN_DISTRO=bookworm
ARG GO_VERSION=1.22.6 ARG GO_VERSION=1.22.7
ARG XX_VERSION=1.5.0 ARG XX_VERSION=1.5.0
ARG GOVERSIONINFO_VERSION=v1.3.0 ARG GOVERSIONINFO_VERSION=v1.3.0
ARG GOTESTSUM_VERSION=v1.10.0 ARG GOTESTSUM_VERSION=v1.10.0

2
docker-bake.hcl
View File

@ -1,5 +1,5 @@
variable "GO_VERSION" { variable "GO_VERSION" {
default = "1.22.6" default = "1.22.7"
} }
variable "VERSION" { variable "VERSION" {
default = "" default = ""

2
dockerfiles/Dockerfile.dev
View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1 # syntax=docker/dockerfile:1
ARG GO_VERSION=1.22.6 ARG GO_VERSION=1.22.7
ARG ALPINE_VERSION=3.20 ARG ALPINE_VERSION=3.20
ARG BUILDX_VERSION=0.16.1 ARG BUILDX_VERSION=0.16.1

2
dockerfiles/Dockerfile.lint
View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1 # syntax=docker/dockerfile:1
ARG GO_VERSION=1.22.6 ARG GO_VERSION=1.22.7
ARG ALPINE_VERSION=3.20 ARG ALPINE_VERSION=3.20
ARG GOLANGCI_LINT_VERSION=v1.59.1 ARG GOLANGCI_LINT_VERSION=v1.59.1

2
dockerfiles/Dockerfile.vendor
View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1 # syntax=docker/dockerfile:1
ARG GO_VERSION=1.22.6 ARG GO_VERSION=1.22.7
ARG ALPINE_VERSION=3.20 ARG ALPINE_VERSION=3.20
ARG MODOUTDATED_VERSION=v0.8.0 ARG MODOUTDATED_VERSION=v0.8.0

2
e2e/testdata/Dockerfile.gencerts vendored
View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1 # syntax=docker/dockerfile:1
ARG GO_VERSION=1.22.6 ARG GO_VERSION=1.22.7
FROM golang:${GO_VERSION}-alpine AS generated FROM golang:${GO_VERSION}-alpine AS generated
ENV GOTOOLCHAIN=local ENV GOTOOLCHAIN=local