From 6c563e1d077fdb55f4f412bf6ce034ba210cb3b2 Mon Sep 17 00:00:00 2001
From: Christian Stewart <christian@aperture.us>
Date: Tue, 7 May 2024 14:42:34 -0700
Subject: [PATCH] package/go: security bump version to go1.22.3

Fixes CVEs:

CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin
CVE-2024-24788: net: malformed DNS message can cause infinite loop

https://go.dev/doc/devel/release#go1.22.3

Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit b74cb51c0f3215199495b07c94e83c93a3517152)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/go/go.hash | 2 +-
 package/go/go.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/go/go.hash b/package/go/go.hash
index 81bd14baa8..6bbde5b589 100644
--- a/package/go/go.hash
+++ b/package/go/go.hash
@@ -1,3 +1,3 @@
 # From https://go.dev/dl
-sha256  374ea82b289ec738e968267cac59c7d5ff180f9492250254784b2044e90df5a9  go1.22.2.src.tar.gz
+sha256  80648ef34f903193d72a59c0dff019f5f98ae0c9aa13ade0b0ecbff991a76f68  go1.22.3.src.tar.gz
 sha256  2d36597f7117c38b006835ae7f537487207d8ec407aa9d9980794b2030cbc067  LICENSE
diff --git a/package/go/go.mk b/package/go/go.mk
index 5eaf53cbda..6262dc3839 100644
--- a/package/go/go.mk
+++ b/package/go/go.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GO_VERSION = 1.22.2
+GO_VERSION = 1.22.3
 GO_SITE = https://storage.googleapis.com/golang
 GO_SOURCE = go$(GO_VERSION).src.tar.gz