From a82e9eff70d7aa31bb8a2a5686ca45d1a0c3d9c0 Mon Sep 17 00:00:00 2001
From: eabdullin <eabdullin@almalinux.org>
Date: Tue, 20 Feb 2024 13:36:01 +0000
Subject: [PATCH] import UBI golang-1.20.12-2.module+el8.9.0+21033+5795bdf6

---
 .gitignore                               |  4 ++--
 .golang.metadata                         |  4 ++--
 SOURCES/skip-test-overlong-message.patch | 15 +++++++++++++++
 SPECS/golang.spec                        | 15 +++++++++++++--
 4 files changed, 32 insertions(+), 6 deletions(-)
 create mode 100644 SOURCES/skip-test-overlong-message.patch

diff --git a/.gitignore b/.gitignore
index d709750..064d926 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/go1.20.10-1-openssl-fips.tar.gz
-SOURCES/go1.20.10.tar.gz
+SOURCES/go1.20.12-1-openssl-fips.tar.gz
+SOURCES/go1.20.12.tar.gz
diff --git a/.golang.metadata b/.golang.metadata
index 3f15a20..7fa7699 100644
--- a/.golang.metadata
+++ b/.golang.metadata
@@ -1,2 +1,2 @@
-a16d4c1ed23caee22e90f86027d861cadb634993 SOURCES/go1.20.10-1-openssl-fips.tar.gz
-f919ce5ad523ccba39500cab7ccd1ebbfde70021 SOURCES/go1.20.10.tar.gz
+551cf7aae2d428bb376cf2b8d56443ab2ee7d133 SOURCES/go1.20.12-1-openssl-fips.tar.gz
+6d5bc127443fc42b1af8d9ba4115abe18554feb7 SOURCES/go1.20.12.tar.gz
diff --git a/SOURCES/skip-test-overlong-message.patch b/SOURCES/skip-test-overlong-message.patch
new file mode 100644
index 0000000..1e14393
--- /dev/null
+++ b/SOURCES/skip-test-overlong-message.patch
@@ -0,0 +1,15 @@
+diff --git a/src/crypto/rsa/pkcs1v15_test.go b/src/crypto/rsa/pkcs1v15_test.go
+index 0853178e3a..16eb37734b 100644
+--- a/src/crypto/rsa/pkcs1v15_test.go
++++ b/src/crypto/rsa/pkcs1v15_test.go
+@@ -247,6 +247,10 @@ func TestVerifyPKCS1v15(t *testing.T) {
+ }
+ 
+ func TestOverlongMessagePKCS1v15(t *testing.T) {
++	// OpenSSL now returns a random string instead of an error
++	if boring.Enabled() {
++		t.Skip("Not relevant in boring mode")
++	}
+ 	ciphertext := decodeBase64("fjOVdirUzFoLlukv80dBllMLjXythIf22feqPrNo0YoIjzyzyoMFiLjAc/Y4krkeZ11XFThIrEvw\nkRiZcCq5ng==")
+ 	_, err := DecryptPKCS1v15(nil, rsaPrivateKey, ciphertext)
+ 	if err == nil {
diff --git a/SPECS/golang.spec b/SPECS/golang.spec
index 8ba1e26..a4b0ef3 100644
--- a/SPECS/golang.spec
+++ b/SPECS/golang.spec
@@ -92,12 +92,12 @@
 %endif
 
 %global go_api 1.20
-%global version 1.20.10
+%global version 1.20.12
 %global pkg_release 1
 
 Name:           golang
 Version:        %{version}
-Release:        1%{?dist}
+Release:        2%{?dist}
 
 Summary:        The Go Programming Language
 # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
@@ -140,6 +140,7 @@ Requires:       diffutils
 
 # Proposed patch by jcajka https://golang.org/cl/86541
 Patch221:       fix_TestScript_list_std.patch
+Patch222:	skip-test-overlong-message.patch
 
 Patch1939923:   skip_test_rhbz1939923.patch
 
@@ -255,6 +256,7 @@ popd
 %patch3 -p1
 
 %patch221 -p1
+%patch222 -p1
 
 %patch1939923 -p1
 
@@ -518,6 +520,15 @@ cd ..
 %endif
 
 %changelog
+* Wed Dec 13 2023 David Benoit <dbenoit@redhat.com> - 1.20.12-2
+- Fix sources file
+- Related: RHEL-19231
+
+* Tue Dec 12 2023 David Benoit <dbenoit@redhat.com> - 1.20.12-1
+- Update to Go 1.20.12
+- Fix CVE-2023-39326
+- Resolves: RHEL-19231
+
 * Fri Oct 13 2023 David Benoit <dbenoit@redhat.com> - 1.20.10-1
 - Update to Go 1.20.10
 - Fix CVE-2023-39325