diff --git a/SPECS/golang/golang-1.23.spec b/SPECS/golang/golang-1.23.spec index cc48eed4a70..074937f164f 100644 --- a/SPECS/golang/golang-1.23.spec +++ b/SPECS/golang/golang-1.23.spec @@ -15,7 +15,7 @@ Summary: Go Name: golang Version: 1.23.12 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD-3-Clause Vendor: Microsoft Corporation Distribution: Azure Linux @@ -99,6 +99,9 @@ rm -f %{gopath}/src/runtime/*.c ./make.bash --no-clean ) +# Nuke the final bootstrapper. Note: It is not used in any step under install, post, postrun +rm -rf %{_libdir}/golang + %install mkdir -p %{buildroot}%{_bindir} @@ -154,6 +157,9 @@ fi %{_bindir}/* %changelog +* Thu June 04 2026 Amit Upadhyay amitupadhyay@microsoft.com - 1.23.12-2 +- Remove the remaining final bootstrap component to reduce attack surface; the residual bootstrap artifact has had prior vulnerability exposure, so removing it is a security improvement. + * Wed Aug 06 2025 bot-for-go[bot] <199222863+bot-for-go[bot]@users.noreply.github.com> - 1.23.12-1 - Bump version to 1.23.12-1 diff --git a/SPECS/golang/golang-1.24.spec b/SPECS/golang/golang-1.24.spec index 88eb74c7430..6aa9f3cb9b5 100644 --- a/SPECS/golang/golang-1.24.spec +++ b/SPECS/golang/golang-1.24.spec @@ -15,7 +15,7 @@ Summary: Go Name: golang Version: 1.24.13 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD-3-Clause Vendor: Microsoft Corporation Distribution: Azure Linux @@ -105,6 +105,9 @@ rm -f %{gopath}/src/runtime/*.c ./make.bash --no-clean ) +# Nuke the final bootstrapper. Note: It is not used in any step under install, post, postrun +rm -rf %{_libdir}/golang + %install mkdir -p %{buildroot}%{_bindir} @@ -160,6 +163,9 @@ fi %{_bindir}/* %changelog +* Thu June 04 2026 Amit Upadhyay amitupadhyay@microsoft.com - 1.24.13-2 +- Remove the remaining final bootstrap component to reduce attack surface; the residual bootstrap artifact has had prior vulnerability exposure, so removing it is a security improvement. + * Thu Feb 05 2026 bot-for-go[bot] <199222863+bot-for-go[bot]@users.noreply.github.com> - 1.24.13-1 - Bump version to 1.24.13-1 diff --git a/SPECS/golang/golang-1.25.spec b/SPECS/golang/golang-1.25.spec index fc123cccbcb..e536df5ea5b 100644 --- a/SPECS/golang/golang-1.25.spec +++ b/SPECS/golang/golang-1.25.spec @@ -15,7 +15,7 @@ Summary: Go Name: golang Version: 1.25.11 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD-3-Clause Vendor: Microsoft Corporation Distribution: Azure Linux @@ -105,6 +105,9 @@ rm -f %{gopath}/src/runtime/*.c ./make.bash --no-clean ) +# Nuke the final bootstrapper. Note: It is not used in any step under install, post, postrun +rm -rf %{_libdir}/golang + %install mkdir -p %{buildroot}%{_bindir} @@ -160,6 +163,9 @@ fi %{_bindir}/* %changelog +* Thu June 04 2026 Amit Upadhyay amitupadhyay@microsoft.com - 1.25.11-2 +- Remove the remaining final bootstrap component to reduce attack surface; the residual bootstrap artifact has had prior vulnerability exposure, so removing it is a security improvement. + * Wed Jun 03 2026 bot-for-go[bot] <199222863+bot-for-go[bot]@users.noreply.github.com> - 1.25.11-1 - Bump version to 1.25.11-1 diff --git a/SPECS/golang/golang.spec b/SPECS/golang/golang.spec index df86ae7fb56..63bf4349f13 100644 --- a/SPECS/golang/golang.spec +++ b/SPECS/golang/golang.spec @@ -15,7 +15,7 @@ Summary: Go Name: golang Version: 1.26.4 -Release: 1%{?dist} +Release: 2%{?dist} License: BSD-3-Clause Vendor: Microsoft Corporation Distribution: Azure Linux @@ -111,6 +111,9 @@ rm -f %{gopath}/src/runtime/*.c ./make.bash --no-clean ) +# Nuke the final bootstrapper. Note: It is not used in any step under install, post, postrun +rm -rf %{_libdir}/golang + %install mkdir -p %{buildroot}%{_bindir} @@ -166,6 +169,9 @@ fi %{_bindir}/* %changelog +* Thu June 04 2026 Amit Upadhyay amitupadhyay@microsoft.com - 1.26.4-2 +- Remove the remaining final bootstrap component to reduce attack surface; the residual bootstrap artifact has had prior vulnerability exposure, so removing it is a security improvement. + * Wed Jun 03 2026 bot-for-go[bot] <199222863+bot-for-go[bot]@users.noreply.github.com> - 1.26.4-1 - Bump version to 1.26.4-1