From cff3654aea83fd2818c12782211bceeeee8535b9 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Tue, 2 Jul 2024 18:49:16 +0000 Subject: [PATCH] import UBI golang-1.21.11-1.module+el8.10.0+21986+2112108a --- .gitignore | 4 ++-- .golang.metadata | 4 ++-- SOURCES/skip-test-overlong-message.patch | 15 --------------- SPECS/golang.spec | 20 +++++++++++++++----- 4 files changed, 19 insertions(+), 24 deletions(-) delete mode 100644 SOURCES/skip-test-overlong-message.patch diff --git a/.gitignore b/.gitignore index 0337066..070726b 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,2 @@ -SOURCES/go1.21.9-1-openssl-fips.tar.gz -SOURCES/go1.21.9.tar.gz +SOURCES/go1.21.11-1-openssl-fips.tar.gz +SOURCES/go1.21.11.tar.gz diff --git a/.golang.metadata b/.golang.metadata index 46a4cf1..ff65de6 100644 --- a/.golang.metadata +++ b/.golang.metadata @@ -1,2 +1,2 @@ -1162b641e8b23110eaab7496003585ea6c786158 SOURCES/go1.21.9-1-openssl-fips.tar.gz -54c038c82c82ebe2ad4ee2d0a3d7c4d39809f59a SOURCES/go1.21.9.tar.gz +12e1749f4278ef62bfaa8f105692d2f3325aebf3 SOURCES/go1.21.11-1-openssl-fips.tar.gz +9bc5ac9cb6476ae0392c53123050c95bd1d5f6ac SOURCES/go1.21.11.tar.gz diff --git a/SOURCES/skip-test-overlong-message.patch b/SOURCES/skip-test-overlong-message.patch deleted file mode 100644 index 1e14393..0000000 --- a/SOURCES/skip-test-overlong-message.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff --git a/src/crypto/rsa/pkcs1v15_test.go b/src/crypto/rsa/pkcs1v15_test.go -index 0853178e3a..16eb37734b 100644 ---- a/src/crypto/rsa/pkcs1v15_test.go -+++ b/src/crypto/rsa/pkcs1v15_test.go -@@ -247,6 +247,10 @@ func TestVerifyPKCS1v15(t *testing.T) { - } - - func TestOverlongMessagePKCS1v15(t *testing.T) { -+ // OpenSSL now returns a random string instead of an error -+ if boring.Enabled() { -+ t.Skip("Not relevant in boring mode") -+ } - ciphertext := decodeBase64("fjOVdirUzFoLlukv80dBllMLjXythIf22feqPrNo0YoIjzyzyoMFiLjAc/Y4krkeZ11XFThIrEvw\nkRiZcCq5ng==") - _, err := DecryptPKCS1v15(nil, rsaPrivateKey, ciphertext) - if err == nil { diff --git a/SPECS/golang.spec b/SPECS/golang.spec index 15ecf12..94e9ad2 100644 --- a/SPECS/golang.spec +++ b/SPECS/golang.spec @@ -92,7 +92,7 @@ %endif %global go_api 1.21 -%global version 1.21.9 +%global version 1.21.11 %global pkg_release 1 Name: golang @@ -145,7 +145,6 @@ Patch1939923: skip_test_rhbz1939923.patch Patch2: disable_static_tests_part1.patch Patch3: disable_static_tests_part2.patch -Patch4: skip-test-overlong-message.patch Patch5: modify_go.env.patch # Having documentation separate was broken @@ -243,9 +242,12 @@ Requires: %{name} = %{version}-%{release} pushd .. tar -xf %{SOURCE1} popd -patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/000-initial-setup.patch -patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/001-initial-openssl-for-fips.patch -patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/002-strict-fips-runtime-detection.patch +patch_dir="../go-go%{version}-%{pkg_release}-openssl-fips/patches" +# Add --no-backup-if-mismatch option to avoid creating .orig temp files +for p in "$patch_dir"/*.patch; do + echo "Applying $p" + patch -p1 --no-backup-if-mismatch < $p +done # Configure crypto tests pushd ../go-go%{version}-%{pkg_release}-openssl-fips @@ -518,6 +520,14 @@ cd .. %endif %changelog +* Wed Jun 12 2024 Archana Ravindar - 1.21.11-1 +- Update to Go1.21.11 to address CVE-2024-24789 and CVE-2024-24790 +- Resolves: RHEL-40274 + +* Thu May 23 2024 David Benoit - 1.21.10 +- Update to Go 1.21.10 +- Resolves: RHEL-36993 + * Fri Apr 12 2024 David Benoit - 1.21.9-1 - Fix CVE-2023-45288 - Resolves: RHEL-31915