GitList

Browse code

update to go1.23.7

- https://github.com/golang/go/issues?q=milestone%3AGo1.23.7+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.23.6...go1.23.7

These minor releases include 1 security fixes following the security policy:

net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass using IPv6 zone IDs

Matching of hosts against proxy patterns could improperly treat an IPv6
zone ID as a hostname component. For example, when the NO_PROXY
environment variable was set to "*.example.com", a request to
"[::1%25.example.com]:80` would incorrectly match and not be proxied.

Thanks to Juho Forsén of Mattermost for reporting this issue.

This is CVE-2025-22870 and Go issue https://go.dev/issue/71984.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.23.7

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>

Paweł Gronowski authored on 2025/03/05 06:57:35
Showing 12 changed files

.github/workflows/.test.yml index 20a9abf..a11dd3f 100644
.github/workflows/.windows.yml index 611a52c..c66bc79 100644
.github/workflows/arm64.yml index 68527c8..400bb79 100644
.github/workflows/buildkit.yml index 878d870..f1b3d03 100644
.github/workflows/codeql.yml index 9c7bb9a..ba6dc7f 100644
.github/workflows/test.yml index bad07ff..b328a5a 100644
.golangci.yml index 83babb1..80e0af5 100644
Dockerfile index f93993f..68b9133 100644
Dockerfile.simple index 53fbb35..d61fe8c 100644
Dockerfile.windows index c16d41e..38efed4 100644
hack/dockerfiles/generate-files.Dockerfile index 908464f..b0bc8cd 100644
hack/dockerfiles/govulncheck.Dockerfile index fa1d91e..eee2ca5 100644

.github/workflows/.test.yml

History View file @ 5f912e4

@@ -21,7 +21,7 @@ on:
                              default: "graphdriver"
                      env:
                     -  GO_VERSION: "1.23.6"
                     +  GO_VERSION: "1.23.7"
                        GOTESTLIST_VERSION: v0.3.1
                        TESTSTAT_VERSION: v0.1.25
                        ITG_CLI_MATRIX_SIZE: 6

.github/workflows/.windows.yml

History View file @ 5f912e4

@@ -28,7 +28,7 @@ on:
                              default: false
                      env:
                     -  GO_VERSION: "1.23.6"
                     +  GO_VERSION: "1.23.7"
                        GOTESTLIST_VERSION: v0.3.1
                        TESTSTAT_VERSION: v0.1.25
                        WINDOWS_BASE_IMAGE: mcr.microsoft.com/windows/servercore

.github/workflows/arm64.yml

History View file @ 5f912e4

@@ -23,7 +23,7 @@ on:
                        pull_request:
                      env:
                     -  GO_VERSION: "1.23.6"
                     +  GO_VERSION: "1.23.7"
                        TESTSTAT_VERSION: v0.1.25
                        DESTDIR: ./build
                        SETUP_BUILDX_VERSION: edge

.github/workflows/buildkit.yml

History View file @ 5f912e4

@@ -23,7 +23,7 @@ on:
                        pull_request:
                      env:
                     -  GO_VERSION: "1.23.6"
                     +  GO_VERSION: "1.23.7"
                        DESTDIR: ./build
                        SETUP_BUILDX_VERSION: edge
                        SETUP_BUILDKIT_IMAGE: moby/buildkit:latest

.github/workflows/codeql.yml

History View file @ 5f912e4

@@ -58,7 +58,7 @@ jobs:
                            - name: Update Go
                              uses: actions/setup-go@v5
                              with:
                     -          go-version: "1.23.6"
                     +          go-version: "1.23.7"
                            - name: Initialize CodeQL
                              uses: github/codeql-action/init@v3
                              with:

.github/workflows/test.yml

History View file @ 5f912e4

@@ -23,7 +23,7 @@ on:
                        pull_request:
                      env:
                     -  GO_VERSION: "1.23.6"
                     +  GO_VERSION: "1.23.7"
                        GIT_PAGER: "cat"
                        PAGER: "cat"
                        SETUP_BUILDX_VERSION: edge

.golangci.yml

History View file @ 5f912e4

@@ -39,7 +39,7 @@ linters:
                      run:
                        # prevent golangci-lint from deducting the go version to lint for through go.mod,
                        # which causes it to fallback to go1.17 semantics.
                     -  go: "1.23.6"
                     +  go: "1.23.7"
                        concurrency: 2
                        # Only supported with go modules enabled (build flag -mod=vendor only valid when using modules)
                        # modules-download-mode: vendor

Dockerfile

History View file @ 5f912e4

@@ -1,6 +1,6 @@
                      # syntax=docker/dockerfile:1.7
                     -ARG GO_VERSION=1.23.6
                     +ARG GO_VERSION=1.23.7
                      ARG BASE_DEBIAN_DISTRO="bookworm"
                      ARG GOLANG_IMAGE="golang:${GO_VERSION}-${BASE_DEBIAN_DISTRO}"
                      ARG XX_VERSION=1.6.1

Dockerfile.simple

History View file @ 5f912e4

@@ -5,7 +5,7 @@
                      # This represents the bare minimum required to build and test Docker.
                     -ARG GO_VERSION=1.23.6
                     +ARG GO_VERSION=1.23.7
                      ARG BASE_DEBIAN_DISTRO="bookworm"
                      ARG GOLANG_IMAGE="golang:${GO_VERSION}-${BASE_DEBIAN_DISTRO}"

Dockerfile.windows

History View file @ 5f912e4

@@ -161,7 +161,7 @@ FROM ${WINDOWS_BASE_IMAGE}:${WINDOWS_BASE_IMAGE_TAG}
                      # Use PowerShell as the default shell
                      SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
                     -ARG GO_VERSION=1.23.6
                     +ARG GO_VERSION=1.23.7
                      ARG GOTESTSUM_VERSION=v1.12.0
                      ARG GOWINRES_VERSION=v0.3.1
                      ARG CONTAINERD_VERSION=v1.7.25

hack/dockerfiles/generate-files.Dockerfile

History View file @ 5f912e4

@@ -1,6 +1,6 @@
                      # syntax=docker/dockerfile:1
                     -ARG GO_VERSION=1.23.6
                     +ARG GO_VERSION=1.23.7
                      ARG BASE_DEBIAN_DISTRO="bookworm"
                      ARG PROTOC_VERSION=3.11.4

hack/dockerfiles/govulncheck.Dockerfile

History View file @ 5f912e4

@@ -1,6 +1,6 @@
                      # syntax=docker/dockerfile:1
                     -ARG GO_VERSION=1.23.6
                     +ARG GO_VERSION=1.23.7
                      ARG GOVULNCHECK_VERSION=v1.1.3
                      ARG FORMAT=text