From 7e4e78278c2b22743f0b61e23848ef8303f82ad6 Mon Sep 17 00:00:00 2001
From: Francis Laniel
Date: Mon, 7 Oct 2024 10:50:03 +0200
Subject: [PATCH] ig: Bump to v0.37.0.
Changelog: https://github.com/inspektor-gadget/inspektor-gadget/releases/tag/v0.37.0
Signed-off-by: Francis Laniel
---
 SPECS/ig/CVE-2024-45338.patch | 63 -----------------------------------
 SPECS/ig/ig.signatures.json | 6 ++--
 SPECS/ig/ig.spec | 10 ++++--
 cgmanifest.json | 4 +--
 4 files changed, 12 insertions(+), 71 deletions(-)
 delete mode 100644 SPECS/ig/CVE-2024-45338.patch
diff --git a/SPECS/ig/CVE-2024-45338.patch b/SPECS/ig/CVE-2024-45338.patch
deleted file mode 100644
index 16c45e19f71..00000000000
--- a/SPECS/ig/CVE-2024-45338.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From b19ec2e436cdacc39d10fbc8d74e8b44eb18082a Mon Sep 17 00:00:00 2001
-From: Rohit Rawat
-Date: Thu, 2 Jan 2025 10:22:13 +0000
-Subject: [PATCH] Fix CVE CVE-2024-45338 in ig
-
----
- vendor/golang.org/x/net/html/doctype.go | 2 +-
- vendor/golang.org/x/net/html/foreign.go | 3 +--
- vendor/golang.org/x/net/html/parse.go | 4 ++--
- 3 files changed, 4 insertions(+), 5 deletions(-)
-
-diff --git a/vendor/golang.org/x/net/html/doctype.go b/vendor/golang.org/x/net/html/doctype.go
-index c484e5a..bca3ae9 100644
---- a/vendor/golang.org/x/net/html/doctype.go
-+++ b/vendor/golang.org/x/net/html/doctype.go
-@@ -87,7 +87,7 @@ func parseDoctype(s string) (n *Node, quirks bool) {
- }
- }
- if lastAttr := n.Attr[len(n.Attr)-1]; lastAttr.Key == "system" &&
-- strings.ToLower(lastAttr.Val) == "http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd" {
-+ strings.EqualFold(lastAttr.Val, "http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd") {
- quirks = true
- }
- }
-diff --git a/vendor/golang.org/x/net/html/foreign.go b/vendor/golang.org/x/net/html/foreign.go
-index 9da9e9d..e8515d8 100644
---- a/vendor/golang.org/x/net/html/foreign.go
-+++ b/vendor/golang.org/x/net/html/foreign.go
-@@ -40,8 +40,7 @@ func htmlIntegrationPoint(n *Node) bool {
- if n.Data == "annotation-xml" {
- for _, a := range n.Attr {
- if a.Key == "encoding" {
-- val := strings.ToLower(a.Val)
-- if val == "text/html" || val == "application/xhtml+xml" {
-+ if strings.EqualFold(a.Val, "text/html") || strings.EqualFold(a.Val, "application/xhtml+xml") {
- return true
- }
- }
-diff --git a/vendor/golang.org/x/net/html/parse.go b/vendor/golang.org/x/net/html/parse.go
-index 46a89ed..5b8374b 100644
---- a/vendor/golang.org/x/net/html/parse.go
-+++ b/vendor/golang.org/x/net/html/parse.go
-@@ -1031,7 +1031,7 @@ func inBodyIM(p *parser) bool {
- if p.tok.DataAtom == a.Input {
- for _, t := range p.tok.Attr {
- if t.Key == "type" {
-- if strings.ToLower(t.Val) == "hidden" {
-+ if
strings.EqualFold(t.Val, "hidden") {
- // Skip setting framesetOK = false
- return true
- }
-@@ -1459,7 +1459,7 @@ func inTableIM(p *parser) bool {
- return inHeadIM(p)
- case a.Input:
- for _, t := range p.tok.Attr {
-- if t.Key == "type" && strings.ToLower(t.Val) == "hidden" {
-+ if t.Key == "type" && strings.EqualFold(t.Val, "hidden") {
- p.addElement()
- p.oe.pop()
- return true
---
-2.39.4
-
diff --git a/SPECS/ig/ig.signatures.json b/SPECS/ig/ig.signatures.json
index 89c9aa98341..07f4cc7d798 100644
--- a/SPECS/ig/ig.signatures.json
+++ b/SPECS/ig/ig.signatures.json
@@ -1,6 +1,6 @@
 {
 "Signatures": {
- "ig-0.32.0-govendor-v1.tar.gz": "daeb58510a1796dd76a78ac61c421630a61f5589f0ee3f35949500d731edb7bd",
- "ig-0.32.0.tar.gz": "f0d0840974d4f2c724824949a8ec3fb0eeac6945a730f84345382824e4c49c4d"
+ "ig-0.37.0-govendor-v1.tar.gz": "bc05262d7dc5a4585e8d9f8cac81577046312d5a7361c57c8280b826b81196ba",
+ "ig-0.37.0.tar.gz": "dde011c72ac3ccd4943b58bd9d240dcd6311c82a6c89904ecb77b86f727fe420"
 }
-}
\ No newline at end of file
+}
diff --git a/SPECS/ig/ig.spec b/SPECS/ig/ig.spec
index 53ef0198d66..bbc2038dd76 100644
--- a/SPECS/ig/ig.spec
+++ b/SPECS/ig/ig.spec
@@ -1,7 +1,7 @@
 Summary: The eBPF tool and systems inspection framework for Kubernetes, containers and Linux hosts.
 Name: ig
-Version: 0.32.0
-Release: 3%{?dist}
+Version: 0.37.0
+Release: 1%{?dist}
 License: Apache 2.0 and GPL 2.0 for eBPF code
 Vendor: Microsoft Corporation
 Distribution: Azure Linux
@@ -10,7 +10,7 @@ URL: https://github.com/inspektor-gadget/inspektor-gadget
 Source0: https://github.com/inspektor-gadget/inspektor-gadget/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 Source1: %{name}-%{version}-govendor-v1.tar.gz
 Patch0: CVE-2024-45338.patch
-BuildRequires: golang < 1.23
+BuildRequires: golang >= 1.23
 %description
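Review bot: `Patch0: CVE-2024-45338.patch` is still declared in the second ig.spec hunk, where it shows as an unchanged context line just above the `BuildRequires` change, although this same commit deletes SPECS/ig/CVE-2024-45338.patch and the new changelog entry says the patch is dropped. rpmbuild normally rejects a spec whose patch file is missing, and any patch application in `%prep` (not visible in this hunk) would look for the deleted file, so the `Patch0:` tag and its corresponding `%patch`/autosetup use should be removed together. Because the only evidence that the CVE-2024-45338 fix survives is the changelog statement that ig uses golang.org/x/net 0.34.0, it is worth confirming that version in the `vendor/modules.txt` of ig-0.37.0-govendor-v1.tar.gz before merging.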
@@ -66,6 +66,10 @@ fi
 %{_bindir}/ig
 %changelog
+* Mon Feb 03 2025 Francis Laniel - 0.37.0-1
+- Bump to version 0.37.0
+- Drop patch for CVE-2024-45338 as it was fixed in golang.org/x/net 0.33.0 and ig uses 0.34.0.
+
 * Tue Dec 31 2024 Rohit Rawat - 0.32.0-3
 - Add patch for CVE-2024-45338
diff --git a/cgmanifest.json b/cgmanifest.json
index d77861bcef0..55f51bb2d63 100644
--- a/cgmanifest.json
+++ b/cgmanifest.json
@@ -7171,8 +7171,8 @@
 "type": "other",
 "other": {
 "name": "ig",
- "version": "0.32.0",
- "downloadUrl": "https://github.com/inspektor-gadget/inspektor-gadget/archive/refs/tags/v0.32.0.tar.gz"
+ "version": "0.37.0",
+ "downloadUrl": "https://github.com/inspektor-gadget/inspektor-gadget/archive/refs/tags/v0.37.0.tar.gz"
 }
 }
 },