[release-2.13] Upgrade golang to 1.22.5 (#8604)

* Upgrade golang to 1.22.5 (#8600)

* Upgrade golang to 1.22.5

This addresses [CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791)

Signed-off-by: Dimitar Dimitrov <[email protected]>

* Update build image version to pr8600-8a8fd767c7

* Add CHANGELOG.md entry

Signed-off-by: Dimitar Dimitrov <[email protected]>

---------

Signed-off-by: Dimitar Dimitrov <[email protected]>
Co-authored-by: dimitarvdimitrov <[email protected]>
(cherry picked from commit ddea70b)

* Update Makefile

* Update build image version to pr8604-40bd216be4

---------

Co-authored-by: dimitarvdimitrov <[email protected]>

CHANGELOG.md

@@ -103,6 +103,7 @@
 * [BUGFIX] Alertmanager: Fixes a number of bugs in silences which could cause an existing silence to be deleted/expired when updating the silence failed. This could happen when the replacing silence was invalid or exceeded limits. #8525
 * [BUGFIX] Alertmanager: Fix per-tenant silence limits not reloaded during runtime. #8456
 * [BUGFIX] Alertmanager: Fix help message for utf-8-strict-mode. #8572
+* [BUGFIX] Upgrade golang to 1.22.5 to address [CVE-2024-24791](https://nvd.nist.gov/vuln/detail/CVE-2024-24791). #8600
 
 ### Mixin
 

Makefile

@@ -275,7 +275,7 @@ mimir-build-image/$(UPTODATE): mimir-build-image/*
 # All the boiler plate for building golang follows:
 SUDO := $(shell docker info >/dev/null 2>&1 || echo "sudo -E")
 BUILD_IN_CONTAINER ?= true
-LATEST_BUILD_IMAGE_TAG ?= pr8347-55c99be7fb
+LATEST_BUILD_IMAGE_TAG ?= pr8604-40bd216be4
 
 # TTY is parameterized to allow Google Cloud Builder to run builds,
 # as it currently disallows TTY devices. This value needs to be overridden

mimir-build-image/Dockerfile

@@ -5,7 +5,7 @@
 
 FROM registry.k8s.io/kustomize/kustomize:v5.4.1 as kustomize
 FROM alpine/helm:3.14.4 as helm
-FROM golang:1.22.4-bookworm
+FROM golang:1.22.5-bookworm
 ARG goproxyValue
 ENV GOPROXY=${goproxyValue}
 ENV SKOPEO_DEPS="libgpgme-dev libassuan-dev libbtrfs-dev libdevmapper-dev pkg-config"