import UBI golang-1.20.12-4.el9_3

This commit is contained in:
eabdullin 2024-04-24 04:38:30 +00:00
parent f6700631db
commit 6ef61b11fb
3 changed files with 20 additions and 7 deletions

2
.gitignore vendored
View File

@ -1,2 +1,2 @@
SOURCES/go1.20.12-1-openssl-fips.tar.gz
SOURCES/go1.20.12-2-openssl-fips.tar.gz
SOURCES/go1.20.12.tar.gz

View File

@ -1,2 +1,2 @@
551cf7aae2d428bb376cf2b8d56443ab2ee7d133 SOURCES/go1.20.12-1-openssl-fips.tar.gz
f57205df5fc5d2e0392ca39c795c6d60d22f0c80 SOURCES/go1.20.12-2-openssl-fips.tar.gz
6d5bc127443fc42b1af8d9ba4115abe18554feb7 SOURCES/go1.20.12.tar.gz

View File

@ -2,6 +2,8 @@
%global bcond_with strict_fips
%global run_fips_test 0
# build ids are not currently generated:
# https://code.google.com/p/go/issues/detail?id=5238
#
@ -95,11 +97,11 @@
%global go_api 1.20
%global go_version 1.20.12
%global version %{go_version}
%global pkg_release 1
%global pkg_release 2
Name: golang
Version: %{version}
Release: 2%{?dist}
Release: 4%{?dist}
Summary: The Go Programming Language
# source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
License: BSD and Public Domain
@ -255,10 +257,10 @@ This is the main package for go-toolset.
pushd ..
tar -xf %{SOURCE1}
popd
patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/000-initial-setup.patch
patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/001-initial-openssl-for-fips.patch
patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/002-strict-fips-runtime-detection.patch
for patch in ../go-go%{version}-%{pkg_release}-openssl-fips/patches/*.patch; do
patch -p1 < "${patch}"
done
# Configure crypto tests
pushd ../go-go%{version}-%{pkg_release}-openssl-fips
@ -457,6 +459,7 @@ export GO_TEST_RUN=""
./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN
# Run tests with FIPS enabled.
%if %{run_fips_test}
export GOLANG_FIPS=1
export OPENSSL_FORCE_FIPS_MODE=1
pushd crypto
@ -469,6 +472,7 @@ popd
pushd crypto/tls
go test -v -run "Boring"
popd
%endif
%else
./run.bash --no-rebuild -v -v -v -k || :
%endif
@ -528,6 +532,15 @@ cd ..
%files -n go-toolset
%changelog
* Fri Apr 19 2024 David Benoit <dbenoit@redhat.com> - 1.20.12-4
- Rebuild for z-stream
- Related: RHEL-28939
* Wed Apr 10 2024 David Benoit <dbenoit@redhat.com> - 1.20.12-3
- Fix CVE-2023-45288
- Resolves: RHEL-28939
- Temporarily disable FIPS tests (RHELBLD-14822)
* Tue Mar 05 2024 David Benoit <dbenoit@redhat.com> - 1.20.12-2
- Fix CVE-2024-1394
- Resolves: RHEL-27189