Update golang to 1.18.5, 1.17.13

Update Go runtime to 1.18.5 to address CVE-2022-32189. Full diff: https://github.com/golang/go/compare/go1.18.4...go1.18.5 -------------------------------------------------------- From the security announcement: https://groups.google.com/g/golang-announce/c/YqYYG87xB10 We have just released Go versions 1.18.5 and 1.17.13, minor point releases. These minor releases include 1 security fixes following the security policy: encoding/gob & math/big: decoding big.Float and big.Rat can panic Decoding big.Float and big.Rat types can panic if the encoded message is too short. This is CVE-2022-32189 and Go issue https://go.dev/issue/53871. View the release notes for more information: https://go.dev/doc/devel/release#go1.18.5 Signed-off-by: Daniel Canter <dcanter@microsoft.com>
2022-08-02 11:54:45 -07:00
parent e2069e99f0
commit e1c5d71c0c
13 changed files with 24 additions and 24 deletions
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -66,7 +66,7 @@ jobs:
      - name: Install Go
        uses: actions/setup-go@v2
        with:
-          go-version: '1.18.4'
+          go-version: '1.18.5'
      - name: Set env
        shell: bash
        env:
@@ -109,7 +109,7 @@ jobs:
          find ./releases/ -maxdepth 1 -type l | xargs rm
        working-directory: src/github.com/containerd/containerd
        env:
-          GO_VERSION: '1.18.4'
+          GO_VERSION: '1.18.5'
          PLATFORM: ${{ matrix.platform }}
      - name: Save Artifacts
        uses: actions/upload-artifact@v2