Skip to content

Backport of [NET-5574] Update Go version to 1.20.8 into release/1.16.x#18763

Merged
hc-github-team-consul-core merged 1 commit intorelease/1.16.xfrom
backport/zalimeni/net-5574-bump-go-1.20.8/amazingly-smooth-shark
Sep 12, 2023
Merged

Backport of [NET-5574] Update Go version to 1.20.8 into release/1.16.x#18763
hc-github-team-consul-core merged 1 commit intorelease/1.16.xfrom
backport/zalimeni/net-5574-bump-go-1.20.8/amazingly-smooth-shark

Conversation

@hc-github-team-consul-core
Copy link
Collaborator

@hc-github-team-consul-core hc-github-team-consul-core commented Sep 12, 2023

Backport

This PR is auto-generated from #18742 to be assessed for backporting due to the inclusion of the label backport/1.16.

The below text is copied from the body of the original PR.

This resolves several CVEs:

  • CVE-2023-39320: cmd/go: go.mod toolchain directive allows arbitrary execution
  • CVE-2023-39318: html/template: improper handling of HTML-like comments within script contexts
  • CVE-2023-39319: html/template: improper handling of special tags within script contexts
  • CVE-2023-39321 and CVE-2023-39322: crypto/tls: panic when processing post-handshake message on QUIC connections

Description

Resolves CVEs and brings us up to the latest version of Go.

Testing & Reproduction steps

Tests should continue to pass.

Links

PR Checklist

  • updated test coverage
  • external facing docs updated
  • appropriate backport labels added
  • not a security concern
Overview of commits

@hc-github-team-consul-core hc-github-team-consul-core requested a review from a team September 12, 2023 15:41
@hc-github-team-consul-core hc-github-team-consul-core requested a review from a team as a code owner September 12, 2023 15:41
@hc-github-team-consul-core hc-github-team-consul-core removed the request for review from a team September 12, 2023 15:41
@hc-github-team-consul-core hc-github-team-consul-core force-pushed the backport/zalimeni/net-5574-bump-go-1.20.8/amazingly-smooth-shark branch from 2f05dbd to f7b1947 Compare September 12, 2023 15:41
@hc-github-team-consul-core hc-github-team-consul-core force-pushed the backport/zalimeni/net-5574-bump-go-1.20.8/amazingly-smooth-shark branch from 9c183b2 to ed28f11 Compare September 12, 2023 15:41
@github-actions github-actions bot added type/ci Relating to continuous integration (CI) tooling for testing or releases theme/contributing Additions and enhancements to community contributing materials labels Sep 12, 2023
github-team-consul-core-pr-approver
github-team-consul-core-pr-approver approved these changes Sep 12, 2023
View reviewed changes
Copy link
Collaborator

@github-team-consul-core-pr-approver github-team-consul-core-pr-approver left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Auto approved Consul Bot automated PR

@vercel vercel bot temporarily deployed to Preview – consul September 12, 2023 15:46 Inactive
@hc-github-team-consul-core hc-github-team-consul-core merged commit 48ddc39 into release/1.16.x Sep 12, 2023
@hc-github-team-consul-core hc-github-team-consul-core deleted the backport/zalimeni/net-5574-bump-go-1.20.8/amazingly-smooth-shark branch September 12, 2023 15:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-team-consul-core-pr-approver github-team-consul-core-pr-approver github-team-consul-core-pr-approver approved these changes

@marianoasselborn marianoasselborn Awaiting requested review from marianoasselborn

@emilymianeil emilymianeil Awaiting requested review from emilymianeil

@zalimeni zalimeni Awaiting requested review from zalimeni

Assignees

@zalimeni zalimeni

Labels

theme/contributing Additions and enhancements to community contributing materials type/ci Relating to continuous integration (CI) tooling for testing or releases

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@hc-github-team-consul-core @github-team-consul-core-pr-approver @zalimeni