Bump revision and update go version

Bump revision and update golang version in tarball from 1.21.0 to 1.22.11 to fix net/http CVE-2024-45336 and fix specified dependency versions in changelog entry Resolves: RHEL-78944 Signed-off-by: ccowman <ccowman@redhat.com>
2025-02-11 19:35:36 +00:00 · 2025-02-11 19:35:36 +00:00 · 5872d63a39
commit 5872d63a39
parent cb916d3ad7
2 changed files with 13 additions and 7 deletions
--- a/opentelemetry-collector.spec
+++ b/opentelemetry-collector.spec
@ -12,7 +12,7 @@ Collector with the supported components for a Red Hat build of OpenTelemetry}
 %global godocs        README.md

 Name:           opentelemetry-collector
-Release:        2%{?dist}
+Release:        3%{?dist}
 Summary:        Red Hat build of OpenTelemetry

 License:        Apache-2.0
@ -102,16 +102,22 @@ fi
 %{_bindir}/*

 %changelog
+* Tue Feb 11 2025 Conor Cowman <ccowman@redhat.com> - 0.107.0-3
+- Bump revision
+- Update tarball golang from 1.21.0 to 1.22.11
+- Update addresses CVE-2024-45336
+  Resolves: RHEL-78944
+
 * Fri Feb 07 2025 Conor Cowman <ccowman@redhat.com> - 0.107.0-2
 - Bump revision
 - Update tarball name to match upstream 
 - Upgrade the following tarball dependencies:
- x/sys v0.26.0 to v0.29.0
- x/crypto v0.28.0 to v0.32.0
- x/net v0.30.0 to v0.33.0
+- x/sys v0.23.0 to v0.29.0
+- x/crypto v0.26.0 to v0.32.0
+- x/net v0.28.0 to v0.33.0
 - x/sync v0.8.0 to v0.10.0
- x/term v0.25.0 to v0.28.0
- x/text v0.19.0 to v0.21.0
+- x/term v0.23.0 to v0.28.0
+- x/text v0.17.0 to v0.21.0
 - Update addresses the following CVEs: 
 - CVE-2024-45338
 - CVE-2024-45337
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (redhat-opentelemetry-collector-0.107.0.tar.gz) = 5be41cd59cb777946a8b84ff9252c154d9d2b258231b5b98e3df1a3cd0475119f6c300d05a70c49a42c9fbf19ebd537c2c5134787cefb6fd0322f74cf932efd7
+SHA512 (redhat-opentelemetry-collector-0.107.0.tar.gz) = be2340bb605fd355500d92304310e757157e02c17b2078128b23d3897e5047527b7e246950f540eb1c15519552cf427bce3d1135a29533c53d3076aaf24a39fd