Skip to content

Commit 3f61d5e

Browse files
thaJeztahthaJeztah
committed
[release/1.5] update golang to 1.17.11
go1.17.11 (released 2022-06-01) includes security fixes to the crypto/rand, crypto/tls, os/exec, and path/filepath packages, as well as bug fixes to the crypto/tls package. See the Go 1.17.11 milestone on our issue tracker for details. https://github.com/golang/go/issues?q=milestone%3AGo1.17.11+label%3ACherryPickApproved Hello gophers, We have just released Go versions 1.18.3 and 1.17.11, minor point releases. These minor releases include 4 security fixes following the security policy: - crypto/rand: rand.Read hangs with extremely large buffers On Windows, rand.Read will hang indefinitely if passed a buffer larger than 1 << 32 - 1 bytes. Thanks to Davis Goodin and Quim Muntal, working at Microsoft on the Go toolset, for reporting this issue. This is [CVE-2022-30634][CVE-2022-30634] and Go issue https://go.dev/issue/52561. - crypto/tls: session tickets lack random ticket_age_add Session tickets generated by crypto/tls did not contain a randomly generated ticket_age_add. This allows an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption. Thanks to GitHub user nervuri for reporting this. This is [CVE-2022-30629][CVE-2022-30629] and Go issue https://go.dev/issue/52814. - `os/exec`: empty `Cmd.Path` can result in running unintended binary on Windows If, on Windows, `Cmd.Run`, `cmd.Start`, `cmd.Output`, or `cmd.CombinedOutput` are executed when Cmd.Path is unset and, in the working directory, there are binaries named either "..com" or "..exe", they will be executed. Thanks to Chris Darroch, brian m. carlson, and Mikhail Shcherbakov for reporting this. This is [CVE-2022-30580][CVE-2022-30580] and Go issue https://go.dev/issue/52574. - `path/filepath`: Clean(`.\c:`) returns `c:` on Windows On Windows, the `filepath.Clean` function could convert an invalid path to a valid, absolute path. For example, Clean(`.\c:`) returned `c:`. Thanks to Unrud for reporting this issue. This is [CVE-2022-29804][CVE-2022-29804] and Go issue https://go.dev/issue/52476. [CVE-2022-30634]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30634 [CVE-2022-30629]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30629 [CVE-2022-30580]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-30580 [CVE-2022-29804]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29804 Signed-off-by: Sebastiaan van Stijn <[email protected]>
1 parent ae4ec1f commit 3f61d5e

8 files changed

Lines changed: 17 additions & 17 deletions

File tree

.github/workflows/ci.yml

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ jobs:
2020

2121
strategy:
2222
matrix:
23-
go-version: [1.17.10]
23+
go-version: [1.17.11]
2424
os: [ubuntu-18.04, macos-10.15, windows-2019]
2525

2626
steps:
@@ -55,7 +55,7 @@ jobs:
5555
steps:
5656
- uses: actions/setup-go@v2
5757
with:
58-
go-version: '1.17.10'
58+
go-version: '1.17.11'
5959

6060
- shell: bash
6161
run: |
@@ -86,7 +86,7 @@ jobs:
8686
steps:
8787
- uses: actions/setup-go@v2
8888
with:
89-
go-version: '1.17.10'
89+
go-version: '1.17.11'
9090

9191
- uses: actions/checkout@v2
9292
with:
@@ -119,7 +119,7 @@ jobs:
119119
steps:
120120
- uses: actions/setup-go@v2
121121
with:
122-
go-version: '1.17.10'
122+
go-version: '1.17.11'
123123

124124
- name: Set env
125125
shell: bash
@@ -165,7 +165,7 @@ jobs:
165165
steps:
166166
- uses: actions/setup-go@v2
167167
with:
168-
go-version: '1.17.10'
168+
go-version: '1.17.11'
169169
- name: Set env
170170
shell: bash
171171
run: |
@@ -230,7 +230,7 @@ jobs:
230230
strategy:
231231
matrix:
232232
os: [ubuntu-18.04, macos-10.15, windows-2019]
233-
go-version: ['1.17.10']
233+
go-version: ['1.17.11']
234234
include:
235235
# Go 1.13.x is still used by Docker/Moby
236236
- go-version: '1.13.x'
@@ -276,7 +276,7 @@ jobs:
276276
steps:
277277
- uses: actions/setup-go@v2
278278
with:
279-
go-version: '1.17.10'
279+
go-version: '1.17.11'
280280

281281
- uses: actions/checkout@v2
282282
with:
@@ -357,7 +357,7 @@ jobs:
357357
steps:
358358
- uses: actions/setup-go@v2
359359
with:
360-
go-version: '1.17.10'
360+
go-version: '1.17.11'
361361

362362
- uses: actions/checkout@v2
363363
with:
@@ -509,7 +509,7 @@ jobs:
509509
steps:
510510
- uses: actions/setup-go@v2
511511
with:
512-
go-version: '1.17.10'
512+
go-version: '1.17.11'
513513
- uses: actions/checkout@v2
514514
with:
515515
path: src/github.com/containerd/containerd

.github/workflows/nightly.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -18,7 +18,7 @@ jobs:
1818
steps:
1919
- uses: actions/setup-go@v2
2020
with:
21-
go-version: '1.17.10'
21+
go-version: '1.17.11'
2222

2323
- uses: actions/checkout@v2
2424
with:
@@ -135,7 +135,7 @@ jobs:
135135
steps:
136136
- uses: actions/setup-go@v2
137137
with:
138-
go-version: '1.17.10'
138+
go-version: '1.17.11'
139139

140140
- uses: actions/checkout@v2
141141
with:

.github/workflows/release.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -62,7 +62,7 @@ jobs:
6262
- name: Install Go
6363
uses: actions/setup-go@v2
6464
with:
65-
go-version: '1.17.10'
65+
go-version: '1.17.11'
6666

6767
- name: Set env
6868
shell: bash

.zuul/playbooks/containerd-build/integration-test.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
become: yes
33
roles:
44
- role: config-golang
5-
go_version: '1.17.10'
5+
go_version: '1.17.11'
66
arch: arm64
77
tasks:
88
- name: Install pre-requisites

.zuul/playbooks/containerd-build/run.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
become: yes
33
roles:
44
- role: config-golang
5-
go_version: '1.17.10'
5+
go_version: '1.17.11'
66
arch: arm64
77
tasks:
88
- name: Build containerd

.zuul/playbooks/containerd-build/unit-test.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,7 +2,7 @@
22
become: yes
33
roles:
44
- role: config-golang
5-
go_version: '1.17.10'
5+
go_version: '1.17.11'
66
arch: arm64
77
tasks:
88
- name: Build and test containerd

Vagrantfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -77,7 +77,7 @@ Vagrant.configure("2") do |config|
7777
config.vm.provision "install-golang", type: "shell", run: "once" do |sh|
7878
sh.upload_path = "/tmp/vagrant-install-golang"
7979
sh.env = {
80-
'GO_VERSION': ENV['GO_VERSION'] || "1.17.10",
80+
'GO_VERSION': ENV['GO_VERSION'] || "1.17.11",
8181
}
8282
sh.inline = <<~SHELL
8383
#!/usr/bin/env bash

contrib/Dockerfile.test

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
#
1111
# docker build -t containerd-test --build-arg RUNC_VERSION=v1.0.0-rc93 -f Dockerfile.test ../
1212

13-
ARG GOLANG_VERSION=1.17.10
13+
ARG GOLANG_VERSION=1.17.11
1414

1515
FROM golang:${GOLANG_VERSION} AS golang-base
1616
RUN mkdir -p /go/src/github.com/containerd/containerd

0 commit comments

Comments
 (0)