Bug 2013628 - golang-1.16 for EPEL7
Summary: golang-1.16 for EPEL7
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: golang
Version: epel7
Hardware: Unspecified
OS: Unspecified
urgent
high
Target Milestone: ---
Assignee: Dave Dykstra
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: CVE-2021-38297 CVE-2021-41771 CVE-2021-41772 CVE-2021-44716 CVE-2021-44717
TreeView+ depends on / blocked
 
Reported: 2021-10-13 12:10 UTC by Dave Dykstra
Modified: 2022-01-29 15:01 UTC (History)
12 users (show)

Fixed In Version: golang-1.16.13-2.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-01-29 06:07:25 UTC
Type: Bug


Attachments (Terms of Use)

Description Dave Dykstra 2021-10-13 12:10:08 UTC
Description of problem:

golang for EPEL7 and EPEL8 is still version 1.15, which is no longer supported upstream.  Upstream only supports one previous release series, which at this point is 1.16.  I support the singularity package in EPEL & Fedora, and one of its dependencies is now requiring at least golang-1.16.  Can the EPEL7 & EPEL8 golang package be updated to the latest 1.16.x?

Version-Release number of selected component (if applicable):

1.15.14

How reproducible:

Very

Steps to Reproduce:
1. yum -y install golang
2. rpm -q golang

Actual results:

golang-1.15.14-1.el7.x86_64

Expected results:

golang-1.16.9-1.el7.x86_64

Additional info:

Comment 1 Dave Dykstra 2021-11-10 18:51:33 UTC
Actually golang comes from Red Hat in EL8, so this request is only for EPEL7.

In fact, I just discovered while writing this that EL8 was updated yesterday to golang 1.16.7 because of a security announcement: https://access.redhat.com/errata/RHSA-2021:4156.  So this is now more urgent.

Comment 2 Dave Dykstra 2021-11-10 19:53:23 UTC
To be fair, the security announcement coincided with the EL8.5 release, so one could instead say that the 8.5 release was the real reason for the upgrade.

Comment 3 Dave Dykstra 2021-11-30 20:13:26 UTC
Can I please get some response from one of the providers?

As I said, I am also an EPEL/Fedora provider.  Would it help if I be added to the list of 7 people that are admins or committers for golang so I can release this myself?  RHEL7 still has 2-1/2 years until End Of Life, we can't expect epel7 to stay at 1.15 that whole time.

Comment 4 Alexis G 2021-12-06 11:31:27 UTC
Now it would be at least 1.16.11 or 1.17.4...

Thanks.


@admiller@redhat.com

Comment 5 Dave Dykstra 2021-12-14 22:13:39 UTC
And this important announcement

https://groups.google.com/g/golang-announce/c/hcmEScgc00k

especially around CVE-2021-44717, makes it essential that it be upgraded to 1.16.12 or 1.17.5.

Hello, is there anybody there?

Comment 6 Fedora Admin user for bugzilla script actions 2022-01-14 00:10:14 UTC
This package has changed maintainer in Fedora. Reassigning to the new maintainer of this component.

Comment 7 Dave Dykstra 2022-01-18 20:52:46 UTC
Jakub Čajka made me the epel7 golang maintainer.  I was able to completely copy the f35 configuration to epel7, with only one minor change to not define ExclusiveArch because there was no %{golang_arches} defined, and successfully did a koji build --scratch epel7 from a golang 1.16.13 src rpm.  The full epel7 fedpkg build for golang-1.16.13-1 is proceeding now.

Comment 8 Alexis G 2022-01-18 22:17:54 UTC
Thank you Jakub!

Comment 9 Alexis G 2022-01-18 22:18:13 UTC
Thank you Jakub!

Comment 10 Fedora Update System 2022-01-18 22:53:24 UTC
FEDORA-EPEL-2022-14c15afabc has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-14c15afabc

Comment 11 Dave Dykstra 2022-01-18 23:35:27 UTC
*** Bug 2014920 has been marked as a duplicate of this bug. ***

Comment 12 Dave Dykstra 2022-01-18 23:45:10 UTC
*** Bug 2020726 has been marked as a duplicate of this bug. ***

Comment 13 Dave Dykstra 2022-01-18 23:47:24 UTC
*** Bug 2020737 has been marked as a duplicate of this bug. ***

Comment 14 Dave Dykstra 2022-01-18 23:54:49 UTC
*** Bug 2030802 has been marked as a duplicate of this bug. ***

Comment 15 Dave Dykstra 2022-01-18 23:57:13 UTC
*** Bug 2030808 has been marked as a duplicate of this bug. ***

Comment 16 Fedora Update System 2022-01-19 02:19:02 UTC
FEDORA-EPEL-2022-14c15afabc has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-14c15afabc

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 17 Fedora Update System 2022-01-20 17:48:58 UTC
FEDORA-EPEL-2022-246382d5dc has been submitted as an update to Fedora EPEL 7. https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-246382d5dc

Comment 18 Fedora Update System 2022-01-21 06:49:31 UTC
FEDORA-EPEL-2022-246382d5dc has been pushed to the Fedora EPEL 7 testing repository.

You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-246382d5dc

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 19 Fedora Update System 2022-01-29 06:07:25 UTC
FEDORA-EPEL-2022-246382d5dc has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 20 Fedora Update System 2022-01-29 15:01:43 UTC
FEDORA-EPEL-2022-246382d5dc has been pushed to the Fedora EPEL 7 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.