Bug 2013628

Summary:	golang-1.16 for EPEL7
Product:	[Fedora] Fedora EPEL	Reporter:	Dave Dykstra <dwd>
Component:	golang	Assignee:	Dave Dykstra <dwd>
Status:	CLOSED ERRATA	QA Contact:	Fedora Extras Quality Assurance <extras-qa>
Severity:	high	Docs Contact:
Priority:	urgent
Version:	epel7	CC:	admiller, alexisgandroid, amurdaca, asm, deparker, gsuckevi, jakob, jcajka, lemenkov, mvanderw, slong, vbatts
Target Milestone:	---	Keywords:	Security
Target Release:	---
Hardware:	Unspecified
OS:	Unspecified
Whiteboard:
Fixed In Version:	golang-1.16.13-2.el7	Doc Type:	If docs needed, set a value
Doc Text:		Story Points:	---
Clone Of:		Environment:
Last Closed:	2022-01-29 06:07:25 UTC	Type:	Bug
Regression:	---	Mount Type:	---
Documentation:	---	CRM:
Verified Versions:		Category:	---
oVirt Team:	---	RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---	Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks:	2012887, 2020725, 2020736, 2030801, 2030806

Description Dave Dykstra 2021-10-13 12:10:08 UTC

Description of problem:

golang for EPEL7 and EPEL8 is still version 1.15, which is no longer supported upstream.  Upstream only supports one previous release series, which at this point is 1.16.  I support the singularity package in EPEL & Fedora, and one of its dependencies is now requiring at least golang-1.16.  Can the EPEL7 & EPEL8 golang package be updated to the latest 1.16.x?

Version-Release number of selected component (if applicable):

1.15.14

How reproducible:

Very

Steps to Reproduce:
1. yum -y install golang
2. rpm -q golang

Actual results:

golang-1.15.14-1.el7.x86_64

Expected results:

golang-1.16.9-1.el7.x86_64

Additional info:

Comment 1 Dave Dykstra 2021-11-10 18:51:33 UTC

Actually golang comes from Red Hat in EL8, so this request is only for EPEL7.

In fact, I just discovered while writing this that EL8 was updated yesterday to golang 1.16.7 because of a security announcement: https://access.redhat.com/errata/RHSA-2021:4156.  So this is now more urgent.

Comment 2 Dave Dykstra 2021-11-10 19:53:23 UTC

To be fair, the security announcement coincided with the EL8.5 release, so one could instead say that the 8.5 release was the real reason for the upgrade.

Comment 3 Dave Dykstra 2021-11-30 20:13:26 UTC

Can I please get some response from one of the providers?

As I said, I am also an EPEL/Fedora provider.  Would it help if I be added to the list of 7 people that are admins or committers for golang so I can release this myself?  RHEL7 still has 2-1/2 years until End Of Life, we can't expect epel7 to stay at 1.15 that whole time.

Comment 4 Alexis G 2021-12-06 11:31:27 UTC

Now it would be at least 1.16.11 or 1.17.4...

Thanks.


@admiller

Comment 5 Dave Dykstra 2021-12-14 22:13:39 UTC

And this important announcement

https://groups.google.com/g/golang-announce/c/hcmEScgc00k

especially around CVE-2021-44717, makes it essential that it be upgraded to 1.16.12 or 1.17.5.

Hello, is there anybody there?

Comment 6 Fedora Admin user for bugzilla script actions 2022-01-14 00:10:14 UTC

This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.

Comment 7 Dave Dykstra 2022-01-18 20:52:46 UTC

Jakub Čajka made me the epel7 golang maintainer.  I was able to completely copy the f35 configuration to epel7, with only one minor change to not define ExclusiveArch because there was no %{golang_arches} defined, and successfully did a koji build --scratch epel7 from a golang 1.16.13 src rpm.  The full epel7 fedpkg build for golang-1.16.13-1 is proceeding now.

Comment 8 Alexis G 2022-01-18 22:17:54 UTC

Thank you Jakub!

Comment 9 Alexis G 2022-01-18 22:18:13 UTC

Thank you Jakub!

Comment 10 Fedora Update System 2022-01-18 22:53:24 UTC

FEDORA-EPEL-2022-14c15afabc has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-14c15afabc

Comment 11 Dave Dykstra 2022-01-18 23:35:27 UTC

*** Bug 2014920 has been marked as a duplicate of this bug. ***

Comment 12 Dave Dykstra 2022-01-18 23:45:10 UTC

*** Bug 2020726 has been marked as a duplicate of this bug. ***

Comment 13 Dave Dykstra 2022-01-18 23:47:24 UTC

*** Bug 2020737 has been marked as a duplicate of this bug. ***

Comment 14 Dave Dykstra 2022-01-18 23:54:49 UTC

*** Bug 2030802 has been marked as a duplicate of this bug. ***

Comment 15 Dave Dykstra 2022-01-18 23:57:13 UTC

*** Bug 2030808 has been marked as a duplicate of this bug. ***

Comment 16 Fedora Update System 2022-01-19 02:19:02 UTC

FEDORA-EPEL-2022-14c15afabc has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-14c15afabc

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 17 Fedora Update System 2022-01-20 17:48:58 UTC

FEDORA-EPEL-2022-246382d5dc has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-246382d5dc

Comment 18 Fedora Update System 2022-01-21 06:49:31 UTC

FEDORA-EPEL-2022-246382d5dc has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-246382d5dc

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 19 Fedora Update System 2022-01-29 06:07:25 UTC

FEDORA-EPEL-2022-246382d5dc has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 20 Fedora Update System 2022-01-29 15:01:43 UTC

FEDORA-EPEL-2022-246382d5dc has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.