diff --git a/.github/workflows/azure-snp-reporter.yml b/.github/workflows/azure-snp-reporter.yml index 86f8c3e34..95cfdbe98 100644 --- a/.github/workflows/azure-snp-reporter.yml +++ b/.github/workflows/azure-snp-reporter.yml @@ -20,7 +20,7 @@ jobs: - name: Set up Go uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: 1.18 + go-version: 1.19.2 - name: Build and upload azure SNP reporter container image id: build-and-upload @@ -30,7 +30,6 @@ jobs: dockerfile: ./hack/azure-snp-report-verify/Dockerfile githubToken: ${{ secrets.GITHUB_TOKEN }} - fetch-snp-report: needs: build-snp-reporter name: "Fetch SNP report" @@ -68,7 +67,7 @@ jobs: - name: Set up Go uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: 1.18 + go-version: 1.19.2 - name: Download report JWT uses: actions/download-artifact@v3 diff --git a/.github/workflows/build-access-manager-image.yml b/.github/workflows/build-access-manager-image.yml index fccb0e529..c10747092 100644 --- a/.github/workflows/build-access-manager-image.yml +++ b/.github/workflows/build-access-manager-image.yml @@ -26,7 +26,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build and upload access-manager container image id: build-and-upload diff --git a/.github/workflows/build-binaries.yml b/.github/workflows/build-binaries.yml index 94108cded..e6bdb2c0e 100644 --- a/.github/workflows/build-binaries.yml +++ b/.github/workflows/build-binaries.yml @@ -29,7 +29,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build the bootstrapper uses: ./.github/actions/build_bootstrapper @@ -45,7 +45,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build debugd uses: ./.github/actions/build_debugd @@ -61,7 +61,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build cdbg (Linux, amd64) uses: ./.github/actions/build_cdbg @@ -86,7 +86,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build cdbg (macOS, amd64) uses: ./.github/actions/build_cdbg with: @@ -110,7 +110,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build disk-mapper uses: ./.github/actions/build_disk_mapper @@ -125,7 +125,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build CLI (Linux, amd64) uses: ./.github/actions/build_cli @@ -150,7 +150,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build CLI (macOS, amd64) uses: ./.github/actions/build_cli diff --git a/.github/workflows/build-constellation-node-operator.yml b/.github/workflows/build-constellation-node-operator.yml index e629ebc7b..4e8309379 100644 --- a/.github/workflows/build-constellation-node-operator.yml +++ b/.github/workflows/build-constellation-node-operator.yml @@ -22,7 +22,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build and upload constellation-node-operator container image uses: ./.github/actions/build_operator diff --git a/.github/workflows/build-coreos.yml b/.github/workflows/build-coreos.yml index 6d55255eb..8a8b9fa90 100644 --- a/.github/workflows/build-coreos.yml +++ b/.github/workflows/build-coreos.yml @@ -38,7 +38,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build bootstrapper if: ${{ inputs.debug == false }} diff --git a/.github/workflows/build-joinservice-image.yml b/.github/workflows/build-joinservice-image.yml index 17fe4ffba..6a918cf41 100644 --- a/.github/workflows/build-joinservice-image.yml +++ b/.github/workflows/build-joinservice-image.yml @@ -28,7 +28,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build and upload join-service container image id: build-and-upload diff --git a/.github/workflows/build-kms-image.yml b/.github/workflows/build-kms-image.yml index 43241a161..5af7b0a1e 100644 --- a/.github/workflows/build-kms-image.yml +++ b/.github/workflows/build-kms-image.yml @@ -27,7 +27,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build and upload KMS server container image id: build-and-upload diff --git a/.github/workflows/build-micro-service-manual.yml b/.github/workflows/build-micro-service-manual.yml index 01782f6fa..e16e24c33 100644 --- a/.github/workflows/build-micro-service-manual.yml +++ b/.github/workflows/build-micro-service-manual.yml @@ -36,7 +36,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" # choose the correct Dockerfile depending on what micro-service is being build - name: Set Dockerfile variable diff --git a/.github/workflows/build-operator-manual.yml b/.github/workflows/build-operator-manual.yml index 3363b632d..945ff129b 100644 --- a/.github/workflows/build-operator-manual.yml +++ b/.github/workflows/build-operator-manual.yml @@ -20,7 +20,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build and upload constellation-node-operator container image uses: ./.github/actions/build_operator diff --git a/.github/workflows/build-verification-service.yml b/.github/workflows/build-verification-service.yml index 3c8456bc7..e26b002a6 100644 --- a/.github/workflows/build-verification-service.yml +++ b/.github/workflows/build-verification-service.yml @@ -24,7 +24,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build and upload verification-service container image id: build-and-upload diff --git a/.github/workflows/check-licenses.yml b/.github/workflows/check-licenses.yml index 929e6869f..dc0edc7c5 100644 --- a/.github/workflows/check-licenses.yml +++ b/.github/workflows/check-licenses.yml @@ -22,7 +22,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" cache: true - name: Install go-licenses diff --git a/.github/workflows/e2e-test-azure-weekly.yml b/.github/workflows/e2e-test-azure-weekly.yml index fccb3a3ed..7c573cf80 100644 --- a/.github/workflows/e2e-test-azure-weekly.yml +++ b/.github/workflows/e2e-test-azure-weekly.yml @@ -21,7 +21,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Login to Azure uses: ./.github/actions/azure_login diff --git a/.github/workflows/e2e-test-azure.yml b/.github/workflows/e2e-test-azure.yml index c3eb2b4a0..4364c4648 100644 --- a/.github/workflows/e2e-test-azure.yml +++ b/.github/workflows/e2e-test-azure.yml @@ -16,7 +16,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Login to Azure uses: ./.github/actions/azure_login @@ -88,7 +88,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Login to Azure uses: ./.github/actions/azure_login diff --git a/.github/workflows/e2e-test-gcp-weekly.yml b/.github/workflows/e2e-test-gcp-weekly.yml index a3c10f346..88d2a3439 100644 --- a/.github/workflows/e2e-test-gcp-weekly.yml +++ b/.github/workflows/e2e-test-gcp-weekly.yml @@ -21,7 +21,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Run GCP E2E test uses: ./.github/actions/e2e_test diff --git a/.github/workflows/e2e-test-gcp.yml b/.github/workflows/e2e-test-gcp.yml index 062b569aa..123caee05 100644 --- a/.github/workflows/e2e-test-gcp.yml +++ b/.github/workflows/e2e-test-gcp.yml @@ -16,7 +16,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Run GCP E2E test uses: ./.github/actions/e2e_test @@ -63,7 +63,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Run GCP E2E test uses: ./.github/actions/e2e_test diff --git a/.github/workflows/e2e-test-manual-macos.yml b/.github/workflows/e2e-test-manual-macos.yml index 9f5982f92..22b2dcc27 100644 --- a/.github/workflows/e2e-test-manual-macos.yml +++ b/.github/workflows/e2e-test-manual-macos.yml @@ -53,7 +53,7 @@ jobs: uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f if: ${{ github.event.steps.check-bootstrapper-cache.cache-hit != 'true'}} with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Check out repository if: ${{ github.event.steps.check-bootstrapper-cache.cache-hit != 'true'}} @@ -82,7 +82,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Login to Azure if: ${{ github.event.inputs.cloudProvider == 'azure' }} diff --git a/.github/workflows/e2e-test-manual.yml b/.github/workflows/e2e-test-manual.yml index 00fc3d83a..3f809d49e 100644 --- a/.github/workflows/e2e-test-manual.yml +++ b/.github/workflows/e2e-test-manual.yml @@ -52,7 +52,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Login to Azure if: ${{ github.event.inputs.cloudProvider == 'azure' }} diff --git a/.github/workflows/generate-measurements.yml b/.github/workflows/generate-measurements.yml index 6a9037e22..8697049ac 100644 --- a/.github/workflows/generate-measurements.yml +++ b/.github/workflows/generate-measurements.yml @@ -30,7 +30,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Login to Azure if: ${{ github.event.inputs.cloudProvider == 'azure' }} diff --git a/.github/workflows/release-cli.yml b/.github/workflows/release-cli.yml index 1444991b4..e4c8d5576 100644 --- a/.github/workflows/release-cli.yml +++ b/.github/workflows/release-cli.yml @@ -14,7 +14,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Build cli-linux-amd64 uses: ./.github/actions/build_cli diff --git a/.github/workflows/test-govulncheck.yml b/.github/workflows/test-govulncheck.yml index bd5356aa1..8ff0ba260 100644 --- a/.github/workflows/test-govulncheck.yml +++ b/.github/workflows/test-govulncheck.yml @@ -31,7 +31,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" cache: true - name: Get Go submodules diff --git a/.github/workflows/test-integration.yml b/.github/workflows/test-integration.yml index f29224453..9aa1dc247 100644 --- a/.github/workflows/test-integration.yml +++ b/.github/workflows/test-integration.yml @@ -30,7 +30,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" cache: true - name: Install Dependencies diff --git a/.github/workflows/test-lint.yml b/.github/workflows/test-lint.yml index 643e7d6af..64bda60fe 100644 --- a/.github/workflows/test-lint.yml +++ b/.github/workflows/test-lint.yml @@ -36,7 +36,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" cache: true - name: Get Go submodules diff --git a/.github/workflows/test-tidy.yml b/.github/workflows/test-tidy.yml index f8705a810..81084cfef 100644 --- a/.github/workflows/test-tidy.yml +++ b/.github/workflows/test-tidy.yml @@ -28,7 +28,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" - name: Get Go submodules id: submods diff --git a/.github/workflows/test-unittest.yml b/.github/workflows/test-unittest.yml index 8dd24091d..8c3f79225 100644 --- a/.github/workflows/test-unittest.yml +++ b/.github/workflows/test-unittest.yml @@ -30,7 +30,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" cache: true - name: Install Dependencies @@ -54,7 +54,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" cache: true - name: CLI Unit Tests diff --git a/.github/workflows/update-cli-reference.yml b/.github/workflows/update-cli-reference.yml index 1c58a2285..e138b4f21 100644 --- a/.github/workflows/update-cli-reference.yml +++ b/.github/workflows/update-cli-reference.yml @@ -20,7 +20,7 @@ jobs: - name: Setup Go environment uses: actions/setup-go@268d8c0ca0432bb2cf416faae41297df9d262d7f with: - go-version: "1.19.1" + go-version: "1.19.2" cache: true - name: Generate reference docs diff --git a/3rdparty/gcp-guest-agent/Dockerfile b/3rdparty/gcp-guest-agent/Dockerfile index 22f9591a0..45371cadd 100644 --- a/3rdparty/gcp-guest-agent/Dockerfile +++ b/3rdparty/gcp-guest-agent/Dockerfile @@ -6,7 +6,7 @@ RUN apt-get update && apt-get install -y \ git # Install Go -ARG GO_VER=1.19.1 +ARG GO_VER=1.19.2 RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \ tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && \ rm go${GO_VER}.linux-amd64.tar.gz diff --git a/CHANGELOG.md b/CHANGELOG.md index 0e951fa96..75d542a5f 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -45,7 +45,11 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 ### Fixed ### Security - +Vulnerability inside the Go standard library fixed by updating to Go 1.19.2: +- [GO-2022-1037](https://pkg.go.dev/vuln/GO-2022-1037) ([CVE-2022-2879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879)) +- [GO-2022-1038](https://pkg.go.dev/vuln/GO-2022-1038) ([CVE-2022-2880](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880)) +- [GO-2022-0969](https://pkg.go.dev/vuln/GO-2022-0969) ([CVE-2022-27664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664)) + ### Internal ## [2.0.0] - 2022-09-12 diff --git a/Dockerfile.build b/Dockerfile.build index 629c99f5f..2bec3bbbd 100644 --- a/Dockerfile.build +++ b/Dockerfile.build @@ -5,7 +5,7 @@ RUN dnf -y update && \ dnf clean all # Install Go -ARG GO_VER=1.19.1 +ARG GO_VER=1.19.2 RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \ tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && \ rm go${GO_VER}.linux-amd64.tar.gz diff --git a/access_manager/Dockerfile b/access_manager/Dockerfile index b38b770b2..869b3a97e 100644 --- a/access_manager/Dockerfile +++ b/access_manager/Dockerfile @@ -5,7 +5,7 @@ RUN dnf -y update && \ dnf clean all # Install Go -ARG GO_VER=1.19.1 +ARG GO_VER=1.19.2 RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \ tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && \ rm go${GO_VER}.linux-amd64.tar.gz diff --git a/hack/qemu-metadata-api/Dockerfile b/hack/qemu-metadata-api/Dockerfile index e3d882c79..2d2c1f8a6 100644 --- a/hack/qemu-metadata-api/Dockerfile +++ b/hack/qemu-metadata-api/Dockerfile @@ -4,7 +4,7 @@ RUN dnf -y update && \ dnf -y install libvirt-devel @development-tools pkg-config wget git && \ dnf clean all -ARG GO_VER=1.19.1 +ARG GO_VER=1.19.2 RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \ tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && \ rm go${GO_VER}.linux-amd64.tar.gz diff --git a/joinservice/Dockerfile b/joinservice/Dockerfile index e8dca6420..a8c840994 100644 --- a/joinservice/Dockerfile +++ b/joinservice/Dockerfile @@ -5,7 +5,7 @@ RUN dnf -y update && \ dnf clean all # Install Go -ARG GO_VER=1.19.1 +ARG GO_VER=1.19.2 RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \ tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && \ rm go${GO_VER}.linux-amd64.tar.gz diff --git a/kms/Dockerfile b/kms/Dockerfile index 772bf7695..8813ec92c 100644 --- a/kms/Dockerfile +++ b/kms/Dockerfile @@ -4,7 +4,7 @@ RUN dnf -y update && \ dnf install -y wget git # Install Go -ARG GO_VER=1.19.1 +ARG GO_VER=1.19.2 RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \ tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && \ rm go${GO_VER}.linux-amd64.tar.gz diff --git a/operators/constellation-node-operator/Dockerfile b/operators/constellation-node-operator/Dockerfile index 7ac794f24..106af2dee 100644 --- a/operators/constellation-node-operator/Dockerfile +++ b/operators/constellation-node-operator/Dockerfile @@ -1,5 +1,5 @@ # Build the manager binary -FROM golang:1.18 as builder +FROM golang:1.19.2 as builder WORKDIR /workspace # Copy the Go Modules manifests diff --git a/proto/Dockerfile.gen-proto b/proto/Dockerfile.gen-proto index a2c93c6c3..625ddd441 100644 --- a/proto/Dockerfile.gen-proto +++ b/proto/Dockerfile.gen-proto @@ -1,6 +1,6 @@ FROM ubuntu@sha256:7cc0576c7c0ec2384de5cbf245f41567e922aab1b075f3e8ad565f508032df17 as build -ARG GO_VER=1.19.1 +ARG GO_VER=1.19.2 ARG GEN_GO_VER=1.28.0 ARG GEN_GO_GRPC_VER=1.2.0 ARG PB_VER=3.20.1 diff --git a/verify/Dockerfile b/verify/Dockerfile index af3ab0bea..f245c70d2 100644 --- a/verify/Dockerfile +++ b/verify/Dockerfile @@ -5,7 +5,7 @@ RUN dnf -y update && \ dnf clean all # Install Go -ARG GO_VER=1.19.1 +ARG GO_VER=1.19.2 RUN wget -q https://go.dev/dl/go${GO_VER}.linux-amd64.tar.gz && \ tar -C /usr/local -xzf go${GO_VER}.linux-amd64.tar.gz && \ rm go${GO_VER}.linux-amd64.tar.gz