1berry/docker-cli
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

update to go1.23.6

Browse Source 
- https://github.com/golang/go/issues?q=milestone%3AGo1.23.6+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.23.5...go1.23.6

This minor release include 1 security fix following the security policy:

- crypto/elliptic: timing sidechannel for P-256 on ppc64le

  Due to the usage of a variable time instruction in the assembly implementation
  of an internal function, a small number of bits of secret scalars are leaked on
  the ppc64le architecture. Due to the way this function is used, we do not
  believe this leakage is enough to allow recovery of the private key when P-256
  is used in any well known protocols.

This is CVE-2025-22866 and Go issue https://go.dev/issue/71383.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.23.6

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This commit is contained in:
Paweł Gronowski 2025-02-04 20:34:35 +01:00
parent dff0dc8afa
commit 1d9d349c19
No known key found for this signature in database
GPG Key ID: B85EFCFE26DEF92A
9 changed files with 9 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/workflows/codeql.yml vendored
View File

@ -63,7 +63,7 @@ jobs:
name: Update Go name: Update Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: "1.23.5" go-version: "1.23.6"
- -
name: Initialize CodeQL name: Initialize CodeQL
uses: github/codeql-action/init@v3 uses: github/codeql-action/init@v3

2
.github/workflows/test.yml vendored
View File

@ -66,7 +66,7 @@ jobs:
name: Set up Go name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: "1.23.5" go-version: "1.23.6"
- -
name: Test name: Test
run: | run: |

2
.golangci.yml
View File

@ -43,7 +43,7 @@ linters:
run: run:
# prevent golangci-lint from deducting the go version to lint for through go.mod, # prevent golangci-lint from deducting the go version to lint for through go.mod,
# which causes it to fallback to go1.17 semantics. # which causes it to fallback to go1.17 semantics.
go: "1.23.5" go: "1.23.6"
timeout: 5m timeout: 5m
linters-settings: linters-settings:

2
Dockerfile
View File

@ -4,7 +4,7 @@ ARG BASE_VARIANT=alpine
ARG ALPINE_VERSION=3.21 ARG ALPINE_VERSION=3.21
ARG BASE_DEBIAN_DISTRO=bookworm ARG BASE_DEBIAN_DISTRO=bookworm
ARG GO_VERSION=1.23.5 ARG GO_VERSION=1.23.6
ARG XX_VERSION=1.6.1 ARG XX_VERSION=1.6.1
ARG GOVERSIONINFO_VERSION=v1.4.1 ARG GOVERSIONINFO_VERSION=v1.4.1
ARG GOTESTSUM_VERSION=v1.10.0 ARG GOTESTSUM_VERSION=v1.10.0

2
docker-bake.hcl
View File

@ -1,5 +1,5 @@
variable "GO_VERSION" { variable "GO_VERSION" {
default = "1.23.5" default = "1.23.6"
} }
variable "VERSION" { variable "VERSION" {
default = "" default = ""

2
dockerfiles/Dockerfile.dev
View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1 # syntax=docker/dockerfile:1
ARG GO_VERSION=1.23.5 ARG GO_VERSION=1.23.6
ARG ALPINE_VERSION=3.21 ARG ALPINE_VERSION=3.21
ARG BUILDX_VERSION=0.17.1 ARG BUILDX_VERSION=0.17.1

2
dockerfiles/Dockerfile.lint
View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1 # syntax=docker/dockerfile:1
ARG GO_VERSION=1.23.5 ARG GO_VERSION=1.23.6
ARG ALPINE_VERSION=3.21 ARG ALPINE_VERSION=3.21
ARG GOLANGCI_LINT_VERSION=v1.62.2 ARG GOLANGCI_LINT_VERSION=v1.62.2

2
dockerfiles/Dockerfile.vendor
View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1 # syntax=docker/dockerfile:1
ARG GO_VERSION=1.23.5 ARG GO_VERSION=1.23.6
ARG ALPINE_VERSION=3.21 ARG ALPINE_VERSION=3.21
ARG MODOUTDATED_VERSION=v0.8.0 ARG MODOUTDATED_VERSION=v0.8.0

2
e2e/testdata/Dockerfile.gencerts vendored
View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1 # syntax=docker/dockerfile:1
ARG GO_VERSION=1.23.5 ARG GO_VERSION=1.23.6
FROM golang:${GO_VERSION}-alpine AS generated FROM golang:${GO_VERSION}-alpine AS generated
ENV GOTOOLCHAIN=local ENV GOTOOLCHAIN=local