Snapd and go 1.13 security vulnerabilites

danjpal · April 7, 2023, 6:44pm

I was inquiring about snapd and the continued usage of golang version 1.13. I remember reading that 1.13 was hanging on due to compatibility with ubuntu 16.04. Is this still the case? There are currently 53 vulnerabilities effecting version 1.13 with severities including critical and high. Is there any roadmap to allow snapd to utilize a higher version of golang.

ernestl · April 13, 2023, 1:21pm

Hi danjpal,

v1.18 is undergoing testing, it is expected to become available pretty soon. Will see if I can get you decent date estimate.

danjpal · April 13, 2023, 1:34pm

@ernestl

This is fantastic news. Thank you for the quick reply!

ernestl · April 13, 2023, 3:30pm

There is a good chance that snapd v2.60 will be build using go v1.18.