From 10bffd89c9954d51f12d6ad1da39cf6e61f029a8 Mon Sep 17 00:00:00 2001
From: Ainar Garipov <a.garipov@adguard.com>
Date: Wed, 5 Apr 2023 16:12:09 +0300
Subject: [PATCH] Pull request 1801: upd-go

Merge in DNS/adguard-home from upd-go to master

Squashed commit of the following:

commit 4d6abc98329c794b5ea3f67447dd69ea8b60205c
Author: Ainar Garipov <A.Garipov@AdGuard.COM>
Date:   Wed Apr 5 16:07:29 2023 +0300

    all: upd go, tools, i18n
---
 .github/workflows/build.yml  |  2 +-
 .github/workflows/lint.yml   |  2 +-
 CHANGELOG.md                 |  9 ++++++++-
 bamboo-specs/release.yaml    |  6 +++---
 bamboo-specs/test.yaml       |  2 +-
 client/src/__locales/tr.json |  2 +-
 internal/tools/go.mod        |  6 +++---
 internal/tools/go.sum        | 12 ++++++------
 scripts/make/go-lint.sh      |  2 +-
 9 files changed, 25 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index be43d704..55722840 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -1,7 +1,7 @@
 'name': 'build'
 
 'env':
-  'GO_VERSION': '1.19.7'
+  'GO_VERSION': '1.19.8'
   'NODE_VERSION': '14'
 
 'on':
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
index 8313cfa8..8540e4c9 100644
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@@ -1,7 +1,7 @@
 'name': 'lint'
 
 'env':
-  'GO_VERSION': '1.19.7'
+  'GO_VERSION': '1.19.8'
 
 'on':
   'push':
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d23f99bf..ed6d8236 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -23,6 +23,12 @@ See also the [v0.107.27 GitHub milestone][ms-v0.107.27].
 NOTE: Add new changes BELOW THIS COMMENT.
 -->
 
+### Security
+
+- Go version has been updated to prevent the possibility of exploiting the
+  CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, and CVE-2023-24538 Go
+  vulnerabilities fixed in [Go 1.19.8][go-1.19.8].
+
 ### Added
 
 - The ability to make bootstrap DNS lookups prefer IPv6 addresses to IPv4 ones
@@ -146,7 +152,8 @@ In this release, the schema version has changed from 17 to 20.
 [#5631]: https://github.com/AdguardTeam/AdGuardHome/issues/5631
 [#5639]: https://github.com/AdguardTeam/AdGuardHome/issues/5639
 
-[rfc6761]: https://www.rfc-editor.org/rfc/rfc6761
+[go-1.19.8]: https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8/m/OV40vnafAwAJ
+[rfc6761]:   https://www.rfc-editor.org/rfc/rfc6761
 
 <!--
 NOTE: Add new changes ABOVE THIS COMMENT.
diff --git a/bamboo-specs/release.yaml b/bamboo-specs/release.yaml
index 0dce84b7..56fed9b1 100644
--- a/bamboo-specs/release.yaml
+++ b/bamboo-specs/release.yaml
@@ -7,7 +7,7 @@
 # Make sure to sync any changes with the branch overrides below.
 'variables':
   'channel': 'edge'
-  'dockerGo': 'adguard/golang-ubuntu:6.2'
+  'dockerGo': 'adguard/golang-ubuntu:6.3'
 
 'stages':
 - 'Build frontend':
@@ -331,7 +331,7 @@
     # need to build a few of these.
     'variables':
       'channel': 'beta'
-      'dockerGo': 'adguard/golang-ubuntu:6.2'
+      'dockerGo': 'adguard/golang-ubuntu:6.3'
 # release-vX.Y.Z branches are the branches from which the actual final release
 # is built.
 - '^release-v[0-9]+\.[0-9]+\.[0-9]+':
@@ -346,4 +346,4 @@
     # are the ones that actually get released.
     'variables':
       'channel': 'release'
-      'dockerGo': 'adguard/golang-ubuntu:6.2'
+      'dockerGo': 'adguard/golang-ubuntu:6.3'
diff --git a/bamboo-specs/test.yaml b/bamboo-specs/test.yaml
index 38579455..4a54c980 100644
--- a/bamboo-specs/test.yaml
+++ b/bamboo-specs/test.yaml
@@ -5,7 +5,7 @@
   'key': 'AHBRTSPECS'
   'name': 'AdGuard Home - Build and run tests'
 'variables':
-  'dockerGo': 'adguard/golang-ubuntu:6.2'
+  'dockerGo': 'adguard/golang-ubuntu:6.3'
 
 'stages':
 - 'Tests':
diff --git a/client/src/__locales/tr.json b/client/src/__locales/tr.json
index 54aad5e4..bb83a711 100644
--- a/client/src/__locales/tr.json
+++ b/client/src/__locales/tr.json
@@ -413,7 +413,7 @@
     "fix": "Düzelt",
     "dns_providers": "Aralarından seçim yapabileceğiniz, bilinen <0>DNS sağlayıcıların listesi</0>.",
     "update_now": "Şimdi güncelle",
-    "update_failed": "Otomatik güncelleme başarısız oldu. Elle güncellemek için lütfen <a>bu adımları izleyin</a>.",
+    "update_failed": "Otomatik güncellenemedi. Elle güncellemek için lütfen <a>bu adımları izleyin</a>.",
     "manual_update": "Elle güncellemek için lütfen <a>bu adımları uygulayın</a>.",
     "processing_update": "Lütfen bekleyin, AdGuard Home güncelleniyor",
     "clients_title": "Kalıcı istemciler",
diff --git a/internal/tools/go.mod b/internal/tools/go.mod
index 5ccf495b..b52e6e0b 100644
--- a/internal/tools/go.mod
+++ b/internal/tools/go.mod
@@ -10,7 +10,7 @@ require (
 	github.com/kyoh86/looppointer v0.2.1
 	github.com/securego/gosec/v2 v2.15.0
 	golang.org/x/tools v0.7.0
-	golang.org/x/vuln v0.0.0-20230325131008-9550759f8614
+	golang.org/x/vuln v0.0.0-20230404205743-41aec7335792
 	honnef.co/go/tools v0.4.3
 	mvdan.cc/gofumpt v0.4.0
 	mvdan.cc/unparam v0.0.0-20230312165513-e84e2d14e3b8
@@ -26,8 +26,8 @@ require (
 	github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect
 	golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect
 	golang.org/x/exp/typeparams v0.0.0-20230321023759-10a507213a29 // indirect
-	golang.org/x/mod v0.9.0 // indirect
+	golang.org/x/mod v0.10.0 // indirect
 	golang.org/x/sync v0.1.0 // indirect
-	golang.org/x/sys v0.6.0 // indirect
+	golang.org/x/sys v0.7.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/internal/tools/go.sum b/internal/tools/go.sum
index 7cfd2d3f..82a84b72 100644
--- a/internal/tools/go.sum
+++ b/internal/tools/go.sum
@@ -55,8 +55,8 @@ golang.org/x/exp/typeparams v0.0.0-20230321023759-10a507213a29/go.mod h1:AbB0pIl
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY=
-golang.org/x/mod v0.9.0 h1:KENHtAZL2y3NLMYZeHY9DW8HW8V+kQyJsY/V9JlKvCs=
-golang.org/x/mod v0.9.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
+golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk=
+golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
@@ -78,8 +78,8 @@ golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20211019181941-9d821ace8654/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.6.0 h1:MVltZSvRTcU2ljQOhs94SXPftV6DCNnZViHeQps87pQ=
-golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.7.0 h1:3jlCCIQZPdOYu1h8BkNvLz8Kgwtae2cagcG/VamtZRU=
+golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
@@ -93,8 +93,8 @@ golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
 golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E=
 golang.org/x/tools v0.7.0 h1:W4OVu8VVOaIO0yzWMNdepAulS7YfoS3Zabrm8DOXXU4=
 golang.org/x/tools v0.7.0/go.mod h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s=
-golang.org/x/vuln v0.0.0-20230325131008-9550759f8614 h1:ioRvkxpf+3iq9xvzP6AWjaBuROUad9SmjLr0QWBzxKw=
-golang.org/x/vuln v0.0.0-20230325131008-9550759f8614/go.mod h1:64LpnL2PuSMzFYeCmJjYiRbroOUG9aCZYznINnF5PHE=
+golang.org/x/vuln v0.0.0-20230404205743-41aec7335792 h1:NybXXIgk5dslpSHRStwyfI74htFvi9Cyk3mCr9ubE2I=
+golang.org/x/vuln v0.0.0-20230404205743-41aec7335792/go.mod h1:8gQW8OCBfaUiPaWAPDQf/9V1w+ymmmB/05SwB/EXZNs=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff --git a/scripts/make/go-lint.sh b/scripts/make/go-lint.sh
index 99febacc..78a598e1 100644
--- a/scripts/make/go-lint.sh
+++ b/scripts/make/go-lint.sh
@@ -35,7 +35,7 @@ set -f -u
 go_version="$( "${GO:-go}" version )"
 readonly go_version
 
-go_min_version='go1.19.7'
+go_min_version='go1.19.8'
 go_version_msg="
 warning: your go version (${go_version}) is different from the recommended minimal one (${go_min_version}).
 if you have the version installed, please set the GO environment variable.