import golang-1.21.11-1.module+el8.10.0+21986+2112108a

8e714429 · importbot · 2734e53d · 8e714429 · 8e714429 · 2734e53d
Commit 8e714429 authored 8 months ago by importbot
--- a/.golang.checksum
+++ b/.golang.checksum
-f2bf7c9f0109048c7bfca987b1297c8fa4e40cd45d87552f626126a8caa82046
+2ad56252c6b44ca0cc924a8fb53c4c4c0da21fa77d4b0fa35f3fdf562d18ad10
--- a/.golang.metadata
+++ b/.golang.metadata
-2272a9777a25d35e59832bf918e798c429cbc4e11de4bc7a09eee899a3710a99  SOURCES/go1.21.9-1-openssl-fips.tar.gz
-9724c45609f4468bfd9277a58021d59a938a4275b6c0d7c20555e19bf1941c63  SOURCES/go1.21.9.tar.gz
+d8f5705cb14bfa075a12312a5dc12d0c4b32287432f11c0b656872fe15a17519  SOURCES/go1.21.11-1-openssl-fips.tar.gz
+7df313860016b625cccaf8e94b91ca746b85b19df4d828ad36e7eff5d097e05a  SOURCES/go1.21.11.tar.gz
--- a/SOURCES/skip-test-overlong-message.patch
+++ b/SOURCES/skip-test-overlong-message.patch
-diff --git a/src/crypto/rsa/pkcs1v15_test.go b/src/crypto/rsa/pkcs1v15_test.go
-index 0853178e3a..16eb37734b 100644
--- a/src/crypto/rsa/pkcs1v15_test.go
-+++ b/src/crypto/rsa/pkcs1v15_test.go
-@@ -247,6 +247,10 @@ func TestVerifyPKCS1v15(t *testing.T) {
- }
- 
- func TestOverlongMessagePKCS1v15(t *testing.T) {
-+	// OpenSSL now returns a random string instead of an error
-+	if boring.Enabled() {
-+		t.Skip("Not relevant in boring mode")
-+	}
- 	ciphertext := decodeBase64("fjOVdirUzFoLlukv80dBllMLjXythIf22feqPrNo0YoIjzyzyoMFiLjAc/Y4krkeZ11XFThIrEvw\nkRiZcCq5ng==")
- 	_, err := DecryptPKCS1v15(nil, rsaPrivateKey, ciphertext)
- 	if err == nil {
--- a/SPECS/golang.spec
+++ b/SPECS/golang.spec
@@ -92,7 +92,7 @@
 %endif

 %global go_api 1.21
-%global version 1.21.9
+%global version 1.21.11
 %global pkg_release 1

 Name:           golang
@@ -145,7 +145,6 @@ Patch1939923:   skip_test_rhbz1939923.patch

 Patch2:		disable_static_tests_part1.patch
 Patch3:		disable_static_tests_part2.patch
-Patch4:		skip-test-overlong-message.patch
 Patch5:		modify_go.env.patch

 # Having documentation separate was broken
@@ -243,9 +242,12 @@ Requires:       %{name} = %{version}-%{release}
 pushd ..
 tar -xf %{SOURCE1}
 popd
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/000-initial-setup.patch
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/001-initial-openssl-for-fips.patch
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/002-strict-fips-runtime-detection.patch
+patch_dir="../go-go%{version}-%{pkg_release}-openssl-fips/patches"
+# Add --no-backup-if-mismatch option to avoid creating .orig temp files
+for p in "$patch_dir"/*.patch; do
+       echo "Applying $p"
+      patch -p1 --no-backup-if-mismatch < $p
+done

 # Configure crypto tests
 pushd ../go-go%{version}-%{pkg_release}-openssl-fips
@@ -518,6 +520,14 @@ cd ..
 %endif

 %changelog
+* Wed Jun 12 2024 Archana Ravindar <aravinda@redhat.com> - 1.21.11-1
+- Update to Go1.21.11 to address CVE-2024-24789 and CVE-2024-24790
+- Resolves: RHEL-40274
+
+* Thu May 23 2024 David Benoit <dbenoit@redhat.com> - 1.21.10
+- Update to Go 1.21.10
+- Resolves: RHEL-36993
+
 * Fri Apr 12 2024 David Benoit <dbenoit@redhat.com> - 1.21.9-1
 - Fix CVE-2023-45288
 - Resolves: RHEL-31915