import UBI golang-1.21.11-1.module+el8.10.0+21986+2112108a

2024-07-02 18:49:16 +00:00 · 2024-07-02 18:49:16 +00:00 · cff3654aea
commit cff3654aea
parent 2669c9bb5b
4 changed files with 19 additions and 24 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,2 +1,2 @@
-SOURCES/go1.21.9-1-openssl-fips.tar.gz
-SOURCES/go1.21.9.tar.gz
+SOURCES/go1.21.11-1-openssl-fips.tar.gz
+SOURCES/go1.21.11.tar.gz
--- a/.golang.metadata
+++ b/.golang.metadata
@ -1,2 +1,2 @@
-1162b641e8b23110eaab7496003585ea6c786158 SOURCES/go1.21.9-1-openssl-fips.tar.gz
-54c038c82c82ebe2ad4ee2d0a3d7c4d39809f59a SOURCES/go1.21.9.tar.gz
+12e1749f4278ef62bfaa8f105692d2f3325aebf3 SOURCES/go1.21.11-1-openssl-fips.tar.gz
+9bc5ac9cb6476ae0392c53123050c95bd1d5f6ac SOURCES/go1.21.11.tar.gz
--- a/SOURCES/skip-test-overlong-message.patch
+++ b/SOURCES/skip-test-overlong-message.patch
@ -1,15 +0,0 @@
-diff --git a/src/crypto/rsa/pkcs1v15_test.go b/src/crypto/rsa/pkcs1v15_test.go
-index 0853178e3a..16eb37734b 100644
--- a/src/crypto/rsa/pkcs1v15_test.go
-+++ b/src/crypto/rsa/pkcs1v15_test.go
-@@ -247,6 +247,10 @@ func TestVerifyPKCS1v15(t *testing.T) {
- }
- 
- func TestOverlongMessagePKCS1v15(t *testing.T) {
-+	// OpenSSL now returns a random string instead of an error
-+	if boring.Enabled() {
-+		t.Skip("Not relevant in boring mode")
-+	}
- 	ciphertext := decodeBase64("fjOVdirUzFoLlukv80dBllMLjXythIf22feqPrNo0YoIjzyzyoMFiLjAc/Y4krkeZ11XFThIrEvw\nkRiZcCq5ng==")
- 	_, err := DecryptPKCS1v15(nil, rsaPrivateKey, ciphertext)
- 	if err == nil {
--- a/SPECS/golang.spec
+++ b/SPECS/golang.spec
@ -92,7 +92,7 @@
 %endif

 %global go_api 1.21
-%global version 1.21.9
+%global version 1.21.11
 %global pkg_release 1

 Name:           golang
@ -145,7 +145,6 @@ Patch1939923:   skip_test_rhbz1939923.patch

 Patch2:		disable_static_tests_part1.patch
 Patch3:		disable_static_tests_part2.patch
-Patch4:		skip-test-overlong-message.patch
 Patch5:		modify_go.env.patch

 # Having documentation separate was broken
@ -243,9 +242,12 @@ Requires:       %{name} = %{version}-%{release}
 pushd ..
 tar -xf %{SOURCE1}
 popd
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/000-initial-setup.patch
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/001-initial-openssl-for-fips.patch
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/002-strict-fips-runtime-detection.patch
+patch_dir="../go-go%{version}-%{pkg_release}-openssl-fips/patches"
+# Add --no-backup-if-mismatch option to avoid creating .orig temp files
+for p in "$patch_dir"/*.patch; do
+       echo "Applying $p"
+      patch -p1 --no-backup-if-mismatch < $p
+done

 # Configure crypto tests
 pushd ../go-go%{version}-%{pkg_release}-openssl-fips
@ -518,6 +520,14 @@ cd ..
 %endif

 %changelog
+* Wed Jun 12 2024 Archana Ravindar <aravinda@redhat.com> - 1.21.11-1
+- Update to Go1.21.11 to address CVE-2024-24789 and CVE-2024-24790
+- Resolves: RHEL-40274
+
+* Thu May 23 2024 David Benoit <dbenoit@redhat.com> - 1.21.10
+- Update to Go 1.21.10
+- Resolves: RHEL-36993
+
 * Fri Apr 12 2024 David Benoit <dbenoit@redhat.com> - 1.21.9-1
 - Fix CVE-2023-45288
 - Resolves: RHEL-31915