Skip to content

Commit

Permalink
Go version upgraded to 1.23.1
Browse files Browse the repository at this point in the history
  • Loading branch information
@rajch
rajch committed Oct 17, 2024
1 parent fab7297 commit 6512da7
Show file tree
Hide file tree
Showing 6 changed files with 47 additions and 71 deletions.
2 changes: 1 addition & 1 deletion go.mod
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
module github.com/rajch/weave

go 1.21
go 1.23.1

require (
github.com/andybalholm/go-bit v1.0.1
Expand Down
8 changes: 8 additions & 0 deletions reweave/CHANGELOG.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,14 @@

All changes made to the weave net codebase since the fork will be documented in this file.

## 2.8.10-beta2

### Changed

* Changed go version in `go.mod` to 1.23.1
* Changed go base image in `reweave/build/Dockerfile` to `golang:1.23.1-bullseye`.


## 2.8.10-beta1

### Changed
Expand Down
2 changes: 1 addition & 1 deletion reweave/Makefile
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
IMAGE_VERSION ?= 2.8.10-beta1
IMAGE_VERSION ?= 2.8.10-beta2
REGISTRY_USER ?= rajchaudhuri

ALPINE_BASEIMAGE ?= alpine:3.20.3
Expand Down
4 changes: 2 additions & 2 deletions reweave/build/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,12 @@
ARG ALPINE_BASEIMAGE=alpine:3.20.3

########
# Stage 1: go 1.22.2 on debian bullseye
# Stage 1: go 1.23.1 on debian bullseye
# This installs cross-compilation tools for supported architectures.
# It will be built only once for a given build platform. Subsequent
# stages will start from this and cross-compile for each target
# architecture.
FROM --platform=${BUILDPLATFORM} golang:1.22.2-bullseye AS builderbase
FROM --platform=${BUILDPLATFORM} golang:1.23.1-bullseye AS builderbase

# Support Raspberry Pi 2 and newer
ENV GOARM 7
Expand Down
2 changes: 1 addition & 1 deletion reweave/scans/badge.json
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
{"schemaVersion": 1, "label": "Vulnerabilty count", "message": "16", "color": "orange"}
{"schemaVersion": 1, "label": "Vulnerabilty count", "message": "8", "color": "orange"}
100 changes: 34 additions & 66 deletions reweave/scans/report.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@

```
Report date: 2024-10-17
Unique vulnerability count: 16
Images version: 2.8.10-beta1
Unique vulnerability count: 8
Images version: 2.8.10-beta2
```

## Scanner Details
Expand All @@ -23,83 +23,51 @@ Supported DB Schema: 5

## Vulnerabilities

### weave-kube: (16)
### weave-kube: (8)

```
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
bind-libs 9.18.27-r0 apk CVE-2024-4076 High
bind-libs 9.18.27-r0 apk CVE-2024-1975 High
bind-libs 9.18.27-r0 apk CVE-2024-1737 High
bind-libs 9.18.27-r0 apk CVE-2024-0760 High
bind-tools 9.18.27-r0 apk CVE-2024-4076 High
bind-tools 9.18.27-r0 apk CVE-2024-1975 High
bind-tools 9.18.27-r0 apk CVE-2024-1737 High
bind-tools 9.18.27-r0 apk CVE-2024-0760 High
stdlib go1.22.2 1.21.11, 1.22.4 go-module CVE-2024-24790 Critical
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34158 High
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34156 High
stdlib go1.22.2 1.21.12, 1.22.5 go-module CVE-2024-24791 High
stdlib go1.22.2 1.21.11, 1.22.4 go-module CVE-2024-24789 Medium
stdlib go1.22.2 1.21.10, 1.22.3 go-module CVE-2024-24787 Medium
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34155 Unknown
stdlib go1.22.2 1.22.3 go-module CVE-2024-24788 Unknown
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
bind-libs 9.18.27-r0 apk CVE-2024-4076 High
bind-libs 9.18.27-r0 apk CVE-2024-1975 High
bind-libs 9.18.27-r0 apk CVE-2024-1737 High
bind-libs 9.18.27-r0 apk CVE-2024-0760 High
bind-tools 9.18.27-r0 apk CVE-2024-4076 High
bind-tools 9.18.27-r0 apk CVE-2024-1975 High
bind-tools 9.18.27-r0 apk CVE-2024-1737 High
bind-tools 9.18.27-r0 apk CVE-2024-0760 High
```

### weave-npc: (8)
### weave-npc: (0)

```
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
stdlib go1.22.2 1.21.11, 1.22.4 go-module CVE-2024-24790 Critical
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34158 High
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34156 High
stdlib go1.22.2 1.21.12, 1.22.5 go-module CVE-2024-24791 High
stdlib go1.22.2 1.21.11, 1.22.4 go-module CVE-2024-24789 Medium
stdlib go1.22.2 1.21.10, 1.22.3 go-module CVE-2024-24787 Medium
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34155 Unknown
stdlib go1.22.2 1.22.3 go-module CVE-2024-24788 Unknown
No vulnerabilities found
```

### weave: (16)
### weave: (8)

```
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
bind-libs 9.18.27-r0 apk CVE-2024-4076 High
bind-libs 9.18.27-r0 apk CVE-2024-1975 High
bind-libs 9.18.27-r0 apk CVE-2024-1737 High
bind-libs 9.18.27-r0 apk CVE-2024-0760 High
bind-tools 9.18.27-r0 apk CVE-2024-4076 High
bind-tools 9.18.27-r0 apk CVE-2024-1975 High
bind-tools 9.18.27-r0 apk CVE-2024-1737 High
bind-tools 9.18.27-r0 apk CVE-2024-0760 High
stdlib go1.22.2 1.21.11, 1.22.4 go-module CVE-2024-24790 Critical
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34158 High
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34156 High
stdlib go1.22.2 1.21.12, 1.22.5 go-module CVE-2024-24791 High
stdlib go1.22.2 1.21.11, 1.22.4 go-module CVE-2024-24789 Medium
stdlib go1.22.2 1.21.10, 1.22.3 go-module CVE-2024-24787 Medium
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34155 Unknown
stdlib go1.22.2 1.22.3 go-module CVE-2024-24788 Unknown
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
bind-libs 9.18.27-r0 apk CVE-2024-4076 High
bind-libs 9.18.27-r0 apk CVE-2024-1975 High
bind-libs 9.18.27-r0 apk CVE-2024-1737 High
bind-libs 9.18.27-r0 apk CVE-2024-0760 High
bind-tools 9.18.27-r0 apk CVE-2024-4076 High
bind-tools 9.18.27-r0 apk CVE-2024-1975 High
bind-tools 9.18.27-r0 apk CVE-2024-1737 High
bind-tools 9.18.27-r0 apk CVE-2024-0760 High
```

### weaveexec: (16)
### weaveexec: (8)

```
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
bind-libs 9.18.27-r0 apk CVE-2024-4076 High
bind-libs 9.18.27-r0 apk CVE-2024-1975 High
bind-libs 9.18.27-r0 apk CVE-2024-1737 High
bind-libs 9.18.27-r0 apk CVE-2024-0760 High
bind-tools 9.18.27-r0 apk CVE-2024-4076 High
bind-tools 9.18.27-r0 apk CVE-2024-1975 High
bind-tools 9.18.27-r0 apk CVE-2024-1737 High
bind-tools 9.18.27-r0 apk CVE-2024-0760 High
stdlib go1.22.2 1.21.11, 1.22.4 go-module CVE-2024-24790 Critical
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34158 High
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34156 High
stdlib go1.22.2 1.21.12, 1.22.5 go-module CVE-2024-24791 High
stdlib go1.22.2 1.21.11, 1.22.4 go-module CVE-2024-24789 Medium
stdlib go1.22.2 1.21.10, 1.22.3 go-module CVE-2024-24787 Medium
stdlib go1.22.2 1.22.7, 1.23.1 go-module CVE-2024-34155 Unknown
stdlib go1.22.2 1.22.3 go-module CVE-2024-24788 Unknown
NAME INSTALLED FIXED-IN TYPE VULNERABILITY SEVERITY
bind-libs 9.18.27-r0 apk CVE-2024-4076 High
bind-libs 9.18.27-r0 apk CVE-2024-1975 High
bind-libs 9.18.27-r0 apk CVE-2024-1737 High
bind-libs 9.18.27-r0 apk CVE-2024-0760 High
bind-tools 9.18.27-r0 apk CVE-2024-4076 High
bind-tools 9.18.27-r0 apk CVE-2024-1975 High
bind-tools 9.18.27-r0 apk CVE-2024-1737 High
bind-tools 9.18.27-r0 apk CVE-2024-0760 High
```

0 comments on commit 6512da7

Please sign in to comment.