Skip to content

Commit

Permalink
update to go1.21.12
Browse files Browse the repository at this point in the history
- https://github.com/golang/go/issues?q=milestone%3AGo1.21.12+label%3ACherryPickApproved
- full diff: golang/go@go1.21.11...go1.21.12

These minor releases include 1 security fixes following the security policy:

net/http: denial of service due to improper 100-continue handling

The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail.

An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.

Thanks to Geoff Franks for reporting this issue.

This is CVE-2024-24791 and Go issue https://go.dev/issue/67555.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.21.12

**- Description for the changelog**

```markdown changelog
Update Go runtime to 1.21.12
```

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
(cherry picked from commit 4d1d7c3)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
  • Loading branch information
vvoland committed Jul 3, 2024
1 parent f533464 commit 6fbdce4
Show file tree
Hide file tree
Showing 8 changed files with 8 additions and 8 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/.test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@ on:
default: "graphdriver"

env:
GO_VERSION: "1.21.9"
GO_VERSION: "1.21.12"
GOTESTLIST_VERSION: v0.3.1
TESTSTAT_VERSION: v0.1.25
ITG_CLI_MATRIX_SIZE: 6
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/.windows.yml
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,7 @@ on:
default: false

env:
GO_VERSION: "1.21.11"
GO_VERSION: "1.21.12"
GOTESTLIST_VERSION: v0.3.1
TESTSTAT_VERSION: v0.1.25
WINDOWS_BASE_IMAGE: mcr.microsoft.com/windows/servercore
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/buildkit.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ on:
pull_request:

env:
GO_VERSION: "1.21.11"
GO_VERSION: "1.21.12"
DESTDIR: ./build

jobs:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ on:
pull_request:

env:
GO_VERSION: "1.21.11"
GO_VERSION: "1.21.12"
GIT_PAGER: "cat"
PAGER: "cat"

Expand Down
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1.7

ARG GO_VERSION=1.21.11
ARG GO_VERSION=1.21.12
ARG BASE_DEBIAN_DISTRO="bookworm"
ARG GOLANG_IMAGE="golang:${GO_VERSION}-${BASE_DEBIAN_DISTRO}"
ARG XX_VERSION=1.4.0
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile.simple
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@

# This represents the bare minimum required to build and test Docker.

ARG GO_VERSION=1.21.11
ARG GO_VERSION=1.21.12

ARG BASE_DEBIAN_DISTRO="bookworm"
ARG GOLANG_IMAGE="golang:${GO_VERSION}-${BASE_DEBIAN_DISTRO}"
Expand Down
2 changes: 1 addition & 1 deletion Dockerfile.windows
Original file line number Diff line number Diff line change
Expand Up @@ -161,7 +161,7 @@ FROM ${WINDOWS_BASE_IMAGE}:${WINDOWS_BASE_IMAGE_TAG}
# Use PowerShell as the default shell
SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]

ARG GO_VERSION=1.21.11
ARG GO_VERSION=1.21.12
ARG GOTESTSUM_VERSION=v1.8.2
ARG GOWINRES_VERSION=v0.3.1
ARG CONTAINERD_VERSION=v1.7.18
Expand Down
2 changes: 1 addition & 1 deletion hack/dockerfiles/generate-files.Dockerfile
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1

ARG GO_VERSION=1.21.11
ARG GO_VERSION=1.21.12
ARG BASE_DEBIAN_DISTRO="bookworm"
ARG PROTOC_VERSION=3.11.4

Expand Down

0 comments on commit 6fbdce4

Please sign in to comment.