matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
46c0d073a5
sonic-buildimage/sonic-slave-jessie
History
Feng-msft 46c0d073a5
Update golang version for telemetry build in sonic-slave-buster to fix (#14636) 
Update golang version for telemetry build in sonic-slave-jessie to fix CVE-2021-33195, this PR will be merged into 201911 branch finally.

#### Why I did it
Go before 1.15.13 and 1.16.x before 1.16.5 has functions for DNS lookups that do not validate replies from DNS servers, and thus a return value may contain an unsafe injection (e.g., XSS) that does not conform to the RFC1035 format. Now in 201911 and 202012 branch we're using 1.14.2

##### Work item tracking
- Microsoft ADO **(number only)**:17727291

#### How I did it
Bump golang version into 1.15.15 which contains corresponding fix.

#### How to verify it
unit test to do sanity check.
2023-04-16 23:44:11 -07:00
..
Dockerfile.j2 Update golang version for telemetry build in sonic-slave-buster to fix (#14636) 2023-04-16 23:44:11 -07:00
Dockerfile.user.j2 [build]: add arch name in sonic-slave docker image 2020-12-25 09:31:42 -08:00
no-check-valid-until [apt] Instruct apt-get to NOT check the "Valid Until" date in Release files (#3973) 2020-01-07 15:52:49 -08:00
sonic-jenkins-id_rsa.pub [sonic-slave]: Remove base from image name, rename folder to prevent user confliction (jessie) (#3790) 2019-11-21 16:14:32 -08:00