Upgrade Golang version to fix CVE-2022-32189 vulnerability

A too-short encoded message can cause a panic in Float.GobDecode and Rat
GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially
allowing a denial of service. Upgrade Golang to the latest 1.18 version,
that is for the time being 1.18.5.
Issue-Id: RIC-934

Signed-off-by: Timo Tietavainen <timo.tietavainen@nokia.com>
Change-Id: I9498217634fc9b78a5d1ef814e1a3c8dd251d758

diff --git a/ci/Dockerfile b/ci/Dockerfile
index f9dd918..642ae3e 100644 (file)
--- a/ci/Dockerfile
+++ b/ci/Dockerfile
@@ -23,7 +23,7 @@
 # This is a Dockerfile for code verification only.
 # Not to be pushed or used for anything else.
 #
-FROM golang:1.16
+FROM golang:1.18
 
 RUN mkdir -p $GOPATH/src/sdlgo
 COPY . $GOPATH/src/sdlgo