From 35055fedee9d411bb7fce03485578ef9e8f67b2f Mon Sep 17 00:00:00 2001
From: Dimitar Dimitrov
Date: Thu, 4 Jul 2024 11:27:56 +0200
Subject: [PATCH 1/3] Upgrade golang to 1.22.5

This addresses [CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791)

Signed-off-by: Dimitar Dimitrov
---
 mimir-build-image/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mimir-build-image/Dockerfile b/mimir-build-image/Dockerfile
index e04346846f..b5983411dd 100644
--- a/mimir-build-image/Dockerfile
+++ b/mimir-build-image/Dockerfile
@@ -5,7 +5,7 @@ FROM registry.k8s.io/kustomize/kustomize:v5.4.1 as kustomize
 FROM alpine/helm:3.14.4 as helm
-FROM golang:1.22.4-bookworm
+FROM golang:1.22.5-bookworm
 ARG goproxyValue
 ENV GOPROXY=${goproxyValue}
 ENV SKOPEO_DEPS="libgpgme-dev libassuan-dev libbtrfs-dev libdevmapper-dev pkg-config"

From 4d4e4d8c0fa6a145e452243e38b78b26e1654894 Mon Sep 17 00:00:00 2001
From: dimitarvdimitrov
Date: Thu, 4 Jul 2024 10:03:33 +0000
Subject: [PATCH 2/3] Update build image version to pr8600-8a8fd767c7
---
 Makefile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile b/Makefile
index 2b72473f8e..21e65cae67 100644
--- a/Makefile
+++ b/Makefile
@@ -275,7 +275,7 @@ mimir-build-image/$(UPTODATE): mimir-build-image/*
 # All the boiler plate for building golang follows:
 SUDO := $(shell docker info >/dev/null 2>&1 || echo "sudo -E")
 BUILD_IN_CONTAINER ?= true
-LATEST_BUILD_IMAGE_TAG ?= pr8534-a0bb2974fb
+LATEST_BUILD_IMAGE_TAG ?= pr8600-8a8fd767c7
 # TTY is parameterized to allow Google Cloud Builder to run builds,
 # as it currently disallows TTY devices. This value needs to be overridden

From c03971e82208b71ba165649ccf243c17d8d0f1ef Mon Sep 17 00:00:00 2001
From: Dimitar Dimitrov
Date: Thu, 4 Jul 2024 13:05:25 +0200
Subject: [PATCH 3/3] Add CHANGELOG.md entry

Signed-off-by: Dimitar Dimitrov
---
 CHANGELOG.md | 1 +
 1 file changed, 1 insertion(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index b0f8ee6249..900007455a 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -184,6 +184,7 @@ * [BUGFIX] Querier: fix edge case where bucket indexes are sometimes cached forever instead of with the expected TTL. #8343
 * [BUGFIX] OTLP handler: fix errors returned by OTLP handler when used via httpgrpc tunneling. #8363
 * [BUGFIX] Update `github.com/hashicorp/go-retryablehttp` to address [CVE-2024-6104](https://github.com/advisories/GHSA-v6v8-xj6m-xwqh). #8539
+* [BUGFIX] Upgrade golang to 1.22.5 to address [CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791). #8600
 ### Mixin