Pull request: upd-go
Merge in DNS/adguard-home from upd-go to master Squashed commit of the following: commit 3dffc8b5d8951216c1e695472199fc9e9d85e1c7 Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Fri Oct 7 14:30:23 2022 +0300 all: fix chlog commit cca70bd6cd27d04cd7cebe14a4e4bef112ce2bcb Author: Ainar Garipov <A.Garipov@AdGuard.COM> Date: Fri Oct 7 14:07:39 2022 +0300 all: upd go
This commit is contained in:
parent
330ac30324
commit
960a7a75ed
|
@ -1,7 +1,7 @@
|
|||
'name': 'build'
|
||||
|
||||
'env':
|
||||
'GO_VERSION': '1.18.6'
|
||||
'GO_VERSION': '1.18.7'
|
||||
'NODE_VERSION': '14'
|
||||
|
||||
'on':
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
'name': 'lint'
|
||||
|
||||
'env':
|
||||
'GO_VERSION': '1.18.6'
|
||||
'GO_VERSION': '1.18.7'
|
||||
|
||||
'on':
|
||||
'push':
|
||||
|
|
23
CHANGELOG.md
23
CHANGELOG.md
|
@ -15,6 +15,12 @@ and this project adheres to
|
|||
## [v0.108.0] - TBA (APPROX.)
|
||||
-->
|
||||
|
||||
## Security
|
||||
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
CVE-2022-2879, CVE-2022-2880, and CVE-2022-41715 Go vulnerabilities fixed in
|
||||
[Go 1.18.7][go-1.18.7].
|
||||
|
||||
## Added
|
||||
|
||||
- The ability to put [ClientIDs][clientid] into DNS-over-HTTPS hostnames as
|
||||
|
@ -23,7 +29,8 @@ and this project adheres to
|
|||
|
||||
[#3418]: https://github.com/AdguardTeam/AdGuardHome/issues/3418
|
||||
|
||||
[clientid]: https://github.com/AdguardTeam/AdGuardHome/wiki/Clients#clientid
|
||||
[go-1.18.7]: https://groups.google.com/g/golang-announce/c/xtuG5faxtaU
|
||||
[clientid]: https://github.com/AdguardTeam/AdGuardHome/wiki/Clients#clientid
|
||||
|
||||
|
||||
|
||||
|
@ -173,7 +180,7 @@ See also the [v0.107.12 GitHub milestone][ms-v0.107.12].
|
|||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
CVE-2022-27664 and CVE-2022-32190 Go vulnerabilities fixed in
|
||||
[Go 1.18.6][go-1.18.6].
|
||||
|
||||
|
@ -294,7 +301,7 @@ See also the [v0.107.9 GitHub milestone][ms-v0.107.9].
|
|||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
CVE-2022-32189 Go vulnerability fixed in [Go 1.18.5][go-1.18.5]. Go 1.17
|
||||
support has also been removed, as it has reached end of life and will not
|
||||
receive security updates.
|
||||
|
@ -337,7 +344,7 @@ See also the [v0.107.8 GitHub milestone][ms-v0.107.8].
|
|||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
CVE-2022-1705, CVE-2022-32148, CVE-2022-30631, and other Go vulnerabilities
|
||||
fixed in [Go 1.17.12][go-1.17.12].
|
||||
|
||||
|
@ -373,7 +380,7 @@ See also the [v0.107.7 GitHub milestone][ms-v0.107.7].
|
|||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
[CVE-2022-29526], [CVE-2022-30634], [CVE-2022-30629], [CVE-2022-30580], and
|
||||
[CVE-2022-29804] Go vulnerabilities.
|
||||
- Enforced password strength policy ([#3503]).
|
||||
|
@ -530,7 +537,7 @@ See also the [v0.107.6 GitHub milestone][ms-v0.107.6].
|
|||
### Security
|
||||
|
||||
- `User-Agent` HTTP header removed from outgoing DNS-over-HTTPS requests.
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
[CVE-2022-24675], [CVE-2022-27536], and [CVE-2022-28327] Go vulnerabilities.
|
||||
|
||||
### Added
|
||||
|
@ -585,7 +592,7 @@ were resolved.
|
|||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
[CVE-2022-24921] Go vulnerability.
|
||||
|
||||
[CVE-2022-24921]: https://www.cvedetails.com/cve/CVE-2022-24921
|
||||
|
@ -598,7 +605,7 @@ See also the [v0.107.4 GitHub milestone][ms-v0.107.4].
|
|||
|
||||
### Security
|
||||
|
||||
- Go version was updated to prevent the possibility of exploiting the
|
||||
- Go version has been updated to prevent the possibility of exploiting the
|
||||
[CVE-2022-23806], [CVE-2022-23772], and [CVE-2022-23773] Go vulnerabilities.
|
||||
|
||||
### Fixed
|
||||
|
|
|
@ -7,7 +7,7 @@
|
|||
# Make sure to sync any changes with the branch overrides below.
|
||||
'variables':
|
||||
'channel': 'edge'
|
||||
'dockerGo': 'adguard/golang-ubuntu:5.1'
|
||||
'dockerGo': 'adguard/golang-ubuntu:5.2'
|
||||
|
||||
'stages':
|
||||
- 'Build frontend':
|
||||
|
@ -322,7 +322,7 @@
|
|||
# need to build a few of these.
|
||||
'variables':
|
||||
'channel': 'beta'
|
||||
'dockerGo': 'adguard/golang-ubuntu:5.1'
|
||||
'dockerGo': 'adguard/golang-ubuntu:5.2'
|
||||
# release-vX.Y.Z branches are the branches from which the actual final release
|
||||
# is built.
|
||||
- '^release-v[0-9]+\.[0-9]+\.[0-9]+':
|
||||
|
@ -337,4 +337,4 @@
|
|||
# are the ones that actually get released.
|
||||
'variables':
|
||||
'channel': 'release'
|
||||
'dockerGo': 'adguard/golang-ubuntu:5.1'
|
||||
'dockerGo': 'adguard/golang-ubuntu:5.2'
|
||||
|
|
|
@ -5,7 +5,7 @@
|
|||
'key': 'AHBRTSPECS'
|
||||
'name': 'AdGuard Home - Build and run tests'
|
||||
'variables':
|
||||
'dockerGo': 'adguard/golang-ubuntu:5.1'
|
||||
'dockerGo': 'adguard/golang-ubuntu:5.2'
|
||||
|
||||
'stages':
|
||||
- 'Tests':
|
||||
|
|
Loading…
Reference in New Issue