Skip to content

Commit

Permalink
cd: update go version
Browse files Browse the repository at this point in the history 
The previously used version of go had a number of known security
issues. It is time to upgrade.

List of known issues:

+-------------------+---------------------------------------+----------------+
|        CVE        |         Infected Version              |  Fix Version   |
+-------------------+---------------------------------------+----------------+
| CVE-2023-24538    | < 1.19.8,1.20.0-0 ≤ Ver < 1.20.3      | 1.19.8,1.20.3  |
| CVE-2023-24540    | < 1.19.9,1.20.0-0 ≤ Ver < 1.20.4      | 1.19.9,1.20.4  |
| CVE-2022-30635    | < 1.17.12,1.18.0-0 ≤ Ver < 1.18.4     | 1.17.12,1.18.4 |
| CVE-2022-28131    | < 1.17.12,1.18.0 ≤ Ver < 1.18.4       | 1.17.12,1.18.4 |
| CVE-2022-30580    | < 1.17.11,1.18.0-0 ≤ Ver < 1.18.3     | 1.17.11,1.18.3 |
| CVE-2023-24534    | < 1.19.8,1.20.0-0 ≤ Ver < 1.20.3      | 1.19.8,1.20.3  |
| CVE-2022-41724    | < 1.19.6,1.20.0-0 ≤ Ver < 1.20.1      | 1.19.6,1.20.1  |
| CVE-2022-30633    | < 1.17.12,1.18.0-0 ≤ Ver < 1.18.4     | 1.17.12,1.18.4 |
| CVE-2022-30630    | < 1.17.12,1.18.0-0 ≤ Ver < 1.18.4     | 1.17.12,1.18.4 |
| CVE-2022-29804    | < 1.17.11,1.18.0 ≤ Ver < 1.18.3       | 1.17.11,1.18.3 |
| CVE-2023-24539    | < 1.19.9,1.20.0-0 ≤ Ver < 1.20.4      | 1.19.9,1.20.4  |
| CVE-2022-41725    | < 1.19.6,1.20.0-0 ≤ Ver < 1.20.1      | 1.19.6,1.20.1  |
| CVE-2023-29400    | < 1.19.9,1.20.0-0 ≤ Ver < 1.20.4      | 1.19.9,1.20.4  |
| CVE-2022-41722    | < 1.19.6,1.20.0-0 ≤ Ver < 1.20.1      | 1.19.6,1.20.1  |
| CVE-2022-32189    | < 1.17.13,1.18.0-0 ≤ Ver < 1.18.5     | 1.17.13,1.18.5 |
| CVE-2022-2880     | < 1.18.7,1.19.0-0 ≤ Ver < 1.19.2      | 1.18.7,1.19.2  |
| CVE-2022-30631    | < 1.17.12,1.18.0 ≤ Ver < 1.18.4       | 1.17.12,1.18.4 |
| CVE-2022-41716    | < 1.18.8,1.19.0-0 ≤ Ver < 1.19.3      | 1.18.8,1.19.3  |
| CVE-2022-2879     | < 1.18.7,1.19.0-0 ≤ Ver < 1.19.2      | 1.18.7,1.19.2  |
| CVE-2022-41715    | < 1.18.7,1.19.0-0 ≤ Ver < 1.19.2      | 1.18.7,1.19.2  |
| CVE-2023-24536    | < 1.19.8,1.20.0-0 ≤ Ver < 1.20.3      | 1.19.8,1.20.3  |
| CVE-2022-30634    | < 1.17.11,1.18.0-0 ≤ Ver < 1.18.3     | 1.17.11,1.18.3 |
| CVE-2022-30632    | < 1.17.12,1.18.0 ≤ Ver < 1.18.4       | 1.17.12,1.18.4 |
| CVE-2022-41720    | < 1.18.9,1.19.0-0 ≤ Ver < 1.19.4      | 1.18.9,1.19.4  |
| CVE-2023-24537    | < 1.19.8,1.20.0-0 ≤ Ver < 1.20.3      | 1.19.8,1.20.3  |
| CVE-2022-32148    | < 1.17.12,1.18.0-0 ≤ Ver < 1.18.4     | 1.17.12,1.18.4 |
| CVE-2023-24532    | < 1.19.7,1.20.0-0 ≤ Ver < 1.20.2      | 1.19.7,1.20.2  |
| CVE-2022-1705     | < 1.17.12,1.18.0-0 ≤ Ver < 1.18.4     | 1.17.12,1.18.4 |
| CVE-2022-1962     | < 1.17.12,1.18.0 ≤ Ver < 1.18.4       | 1.17.12,1.18.4 |
| CVE-2022-30636    | ≤ 1.18.3                              | 1.18.4         |
| CVE-2022-30629    | < 1.17.11,1.18.0-0 ≤ Ver < 1.18.3     | 1.17.11,1.18.3 |
+-------------------+---------------------------------------+----------------+
  • Loading branch information
@LeonidVas
LeonidVas committed Jul 11, 2023
1 parent 6ddf651 commit 7e8b174
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 2 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ on:
- '*'

env:
GO_VERSION: '1.18'
GO_VERSION: '1.20.4'
GORELEASER_VERSION: v0.146.0

jobs:
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/tests.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ on:
pull_request:

env:
GO_VERSION: '1.18'
GO_VERSION: '1.20.4'
PYTHON_VERSION: '3.x'

jobs:
Expand Down

0 comments on commit 7e8b174

Please sign in to comment.