[25.0 backport] update to go1.21.8 #47503
Merged
Commits on Mar 5, 2024
-
go1.21.8 (released 2024-03-05) includes 5 security fixes - crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783, https://go.dev/issue/65390) - net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290, https://go.dev/issue/65383) - net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect (CVE-2023-45289, https://go.dev/issue/65065) - html/template: errors returned from MarshalJSON methods may break template escaping (CVE-2024-24785, https://go.dev/issue/65697) - net/mail: comments in display names are incorrectly handled (CVE-2024-24784, https://go.dev/issue/65083) View the release notes for more information: https://go.dev/doc/devel/release#go1.22.1 - https://github.com/golang/go/issues?q=milestone%3AGo1.21.8+label%3ACherryPickApproved - full diff: golang/go@go1.21.7...go1.21.8 Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com> (cherry picked from commit 57b7ffa)
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.