From c83801bed9c6680ed44a9accde3eff91a73efb88 Mon Sep 17 00:00:00 2001
From: Michael Zalimeni <michael.zalimeni@hashicorp.com>
Date: Wed, 2 Aug 2023 14:00:25 +0000
Subject: [PATCH] backport of commit 9e249f95b428694f6a1bb139b191b462d29ab73a

---
 .changelog/18358.txt                     |  4 ++++
 .github/workflows/build.yml              | 22 +++++++++++-----------
 build-support/docker/Build-Go.dockerfile |  2 +-
 3 files changed, 16 insertions(+), 12 deletions(-)
 create mode 100644 .changelog/18358.txt

diff --git a/.changelog/18358.txt b/.changelog/18358.txt
new file mode 100644
index 0000000000000..aa7bf851df5d5
--- /dev/null
+++ b/.changelog/18358.txt
@@ -0,0 +1,4 @@
+```release-note:security
+Upgrade to use Go 1.20.7.
+This resolves (https://nvd.nist.gov/vuln/detail/CVE-2023-29409)(`crypto/tls`).
+```
\ No newline at end of file
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index eb5fc674f6280..4e405e38a8acd 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -84,15 +84,15 @@ jobs:
     strategy:
       matrix:
         include:
-          - {go: "1.20.6", goos: "linux", goarch: "386"}
-          - {go: "1.20.6", goos: "linux", goarch: "amd64"}
-          - {go: "1.20.6", goos: "linux", goarch: "arm"}
-          - {go: "1.20.6", goos: "linux", goarch: "arm64"}
-          - {go: "1.20.6", goos: "freebsd", goarch: "386"}
-          - {go: "1.20.6", goos: "freebsd", goarch: "amd64"}
-          - {go: "1.20.6", goos: "windows", goarch: "386"}
-          - {go: "1.20.6", goos: "windows", goarch: "amd64"}
-          - {go: "1.20.6", goos: "solaris", goarch: "amd64"}
+          - {go: "1.20.7", goos: "linux", goarch: "386"}
+          - {go: "1.20.7", goos: "linux", goarch: "amd64"}
+          - {go: "1.20.7", goos: "linux", goarch: "arm"}
+          - {go: "1.20.7", goos: "linux", goarch: "arm64"}
+          - {go: "1.20.7", goos: "freebsd", goarch: "386"}
+          - {go: "1.20.7", goos: "freebsd", goarch: "amd64"}
+          - {go: "1.20.7", goos: "windows", goarch: "386"}
+          - {go: "1.20.7", goos: "windows", goarch: "amd64"}
+          - {go: "1.20.7", goos: "solaris", goarch: "amd64"}
       fail-fast: true
 
     name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
@@ -181,7 +181,7 @@ jobs:
     strategy:
       matrix:
         include:
-          - {go: "1.20.6", goos: "linux", goarch: "s390x"}
+          - {go: "1.20.7", goos: "linux", goarch: "s390x"}
       fail-fast: true
 
     name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
@@ -232,7 +232,7 @@ jobs:
       matrix:
         goos: [ darwin ]
         goarch: [ "amd64", "arm64" ]
-        go: [ "1.20.6" ]
+        go: [ "1.20.7" ]
       fail-fast: true
 
     name: Go ${{ matrix.go }} ${{ matrix.goos }} ${{ matrix.goarch }} build
diff --git a/build-support/docker/Build-Go.dockerfile b/build-support/docker/Build-Go.dockerfile
index 5f0732cf252ee..c5b3c8394ea38 100644
--- a/build-support/docker/Build-Go.dockerfile
+++ b/build-support/docker/Build-Go.dockerfile
@@ -1,7 +1,7 @@
 # Copyright (c) HashiCorp, Inc.
 # SPDX-License-Identifier: MPL-2.0
 
-ARG GOLANG_VERSION=1.20.6
+ARG GOLANG_VERSION=1.20.7
 FROM golang:${GOLANG_VERSION}
 
 WORKDIR /consul