From: Timo Tietavainen <timo.tietavainen@nokia.com>
Date: Fri, 12 Aug 2022 12:49:53 +0000 (+0300)
Subject: Upgrade Golang version to fix CVE-2022-32189 vulnerability
X-Git-Tag: v0.10.1^0
X-Git-Url: https://gerrit.o-ran-sc.org/r/gitweb?a=commitdiff_plain;h=1fb0e222e95d5af6df20d922501f585c1ef9fd0b;p=ric-plt%2Fsdlgo.git

Upgrade Golang version to fix CVE-2022-32189 vulnerability

A too-short encoded message can cause a panic in Float.GobDecode and Rat
GobDecode in math/big in Go before 1.17.13 and 1.18.5, potentially
allowing a denial of service. Upgrade Golang to the latest 1.18 version,
that is for the time being 1.18.5.
Issue-Id: RIC-934

Signed-off-by: Timo Tietavainen <timo.tietavainen@nokia.com>
Change-Id: I9498217634fc9b78a5d1ef814e1a3c8dd251d758
---

diff --git a/ci/Dockerfile b/ci/Dockerfile
index f9dd918..642ae3e 100644
--- a/ci/Dockerfile
+++ b/ci/Dockerfile
@@ -23,7 +23,7 @@
 # This is a Dockerfile for code verification only.
 # Not to be pushed or used for anything else.
 #
-FROM golang:1.16
+FROM golang:1.18
 
 RUN mkdir -p $GOPATH/src/sdlgo
 COPY . $GOPATH/src/sdlgo