Update golang to 1.18.5, 1.17.13

Update Go runtime to 1.18.5 to address CVE-2022-32189. Full diff: https://github.com/golang/go/compare/go1.18.4...go1.18.5 -------------------------------------------------------- From the security announcement: https://groups.google.com/g/golang-announce/c/YqYYG87xB10 We have just released Go versions 1.18.5 and 1.17.13, minor point releases. These minor releases include 1 security fixes following the security policy: encoding/gob & math/big: decoding big.Float and big.Rat can panic Decoding big.Float and big.Rat types can panic if the encoded message is too short. This is CVE-2022-32189 and Go issue https://go.dev/issue/53871. View the release notes for more information: https://go.dev/doc/devel/release#go1.18.5 Signed-off-by: Daniel Canter <dcanter@microsoft.com>
2022-08-02 11:54:45 -07:00
parent e2069e99f0
commit e1c5d71c0c
13 changed files with 24 additions and 24 deletions
--- a/contrib/fuzz/oss_fuzz_build.sh
+++ b/contrib/fuzz/oss_fuzz_build.sh
@@ -40,11 +40,11 @@ compile_fuzzers() {

 apt-get update && apt-get install -y wget
 cd $SRC
-wget --quiet https://go.dev/dl/go1.18.4.linux-amd64.tar.gz
+wget --quiet https://go.dev/dl/go1.18.5.linux-amd64.tar.gz

 mkdir temp-go
 rm -rf /root/.go/*
-tar -C temp-go/ -xzf go1.18.4.linux-amd64.tar.gz
+tar -C temp-go/ -xzf go1.18.5.linux-amd64.tar.gz
 mv temp-go/go/* /root/.go/
 cd $SRC/containerd