Thanks to visit codestin.com
Credit goes to github.com

Skip to content
This repository was archived by the owner on Feb 24, 2020. It is now read-only.

configure: print full go version and check against CVE-2015-8618 #2006

Merged
merged 1 commit into from
Jan 20, 2016
Merged

configure: print full go version and check against CVE-2015-8618 #2006

merged 1 commit into from
Jan 20, 2016

Conversation

@alban
Copy link
Member

@alban alban commented Jan 20, 2016

./configure already prints the go version, but unfortunately only the
major.minor numbers without the micro:

   go version:                             '1.5'

This patch prints the full version instead:

   go version:                             '1.5.3'

Additionally, it checks that the go version is not 1.5.0, 1.5.1 or 1.5.2
to be absolutely sure it is not vulnerable to CVE-2015-8618.

@alban alban mentioned this pull request Jan 20, 2016
Closed
@alban
Copy link
Member Author

alban commented Jan 20, 2016

It fails on Travis:

checking whether we have go 1.5 or newer... yes
checking whether we have a go version without CVE-2015-8618... no
configure: error: *** go version is vulnerable to CVE-2015-8618 (1.5.2)

I need to update .travis.yml...

@alban alban force-pushed the alban/go-version-1 branch from 8841f14 to d0daaba Compare January 20, 2016 13:48
krnowak
krnowak reviewed Jan 20, 2016
View reviewed changes
configure.ac
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more. 

AS_IF([test "${GO_MAJOR}" -eq "1" -a "${GO_MINOR}" -eq "5" -a "${GO_MICRO}" -lt "3"],
      [AC_MSG_RESULT([no])
       AC_MSG_ERROR([*** go version is vulnerable to CVE-2015-8618 (${GO_VERSION})])],
      [AC_MSG_RESULT([yes])])

@krnowak
Copy link
Collaborator

krnowak commented Jan 20, 2016

LFAD, small formatting nit and a one bracket too much. :)

@alban alban force-pushed the alban/go-version-1 branch from d0daaba to 509695b Compare January 20, 2016 13:54
@alban
configure: print full go version and check against CVE-2015-8618
509695b 
./configure already prints the go version, but unfortunately only the
major.minor numbers without the micro:
>        go version:                             '1.5'

This patch prints the full version instead:
>        go version:                             '1.5.3'

Additionally, it checks that the go version is not 1.5.0, 1.5.1 or 1.5.2
to be absolutely sure it is not vulnerable to CVE-2015-8618.
@alban
Copy link
Member Author

alban commented Jan 20, 2016

Thanks! Updated.

alban added a commit that referenced this pull request Jan 20, 2016
@alban
Merge pull request #2006 from kinvolk/alban/go-version-1
8fa3837 
configure: print full go version and check against CVE-2015-8618
@alban alban merged commit 8fa3837 into rkt:master Jan 20, 2016
alban added a commit to kinvolk/rkt that referenced this pull request Feb 3, 2016
@alban
build: print a warning on go version 1.5.{1,2}
591ec91 
Ubuntu does not have golang 1.5.3 yet, so the check was completely
blocking the build on Ubuntu. Replace it with a warning.

Related to rkt#2006
@alban alban mentioned this pull request Feb 3, 2016
Merged
alban added a commit to kinvolk/rkt that referenced this pull request Feb 3, 2016
@alban
build: print a warning on go version 1.5.{1,2}
c83a153 
Ubuntu does not have golang 1.5.3 yet, so the check was completely
blocking the build on Ubuntu. Replace it with a warning.

Related to rkt#2006
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@alban @krnowak