Skip to content
Permalink
Browse files

Bump Golang 1.10.6 (CVE-2018-16875)

go1.10.6 (released 2018/12/14)

- crypto/x509: CPU denial of service in chain validation golang/go#29233
- cmd/go: directory traversal in "go get" via curly braces in import paths golang/go#29231
- cmd/go: remote command execution during "go get -u" golang/go#29230

See the Go 1.10.6 milestone on the issue tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.10.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
  • Loading branch information...
thaJeztah committed Dec 14, 2018
1 parent 3ee6755 commit fced1ab36c034d6f1130ffec953bc5cd9d77a2d3
@@ -4,7 +4,7 @@ clone_folder: c:\gopath\src\github.com\docker\cli

environment:
GOPATH: c:\gopath
GOVERSION: 1.10.5
GOVERSION: 1.10.6
DEPVERSION: v0.4.1

install:
@@ -1,4 +1,4 @@
FROM golang:1.10.5-alpine
FROM golang:1.10.6-alpine

RUN apk add -U git bash coreutils gcc musl-dev

@@ -1,5 +1,5 @@

FROM golang:1.10.5-alpine
FROM golang:1.10.6-alpine

RUN apk add -U git make bash coreutils ca-certificates curl

@@ -1,4 +1,4 @@
ARG GO_VERSION=1.10.5
ARG GO_VERSION=1.10.6

FROM docker/containerd-shim-process:a4d1531 AS containerd-shim-process

@@ -1,4 +1,4 @@
FROM golang:1.10.5-alpine
FROM golang:1.10.6-alpine

RUN apk add -U git

0 comments on commit fced1ab

Please sign in to comment.
You can’t perform that action at this time.