From cf2f48efd4ecf68f2502d4443a60477d1e3fb0f5 Mon Sep 17 00:00:00 2001
From: Seth Hoenig <shoenig@duck.com>
Date: Tue, 7 Nov 2023 13:18:07 -0600
Subject: [PATCH] build: update to Go 1.21.4 (#19013)

---
 .changelog/19013.txt             | 3 +++
 .go-version                      | 2 +-
 contributing/README.md           | 2 +-
 scripts/linux-priv-go.sh         | 2 +-
 scripts/release/mac-remote-build | 2 +-
 5 files changed, 7 insertions(+), 4 deletions(-)
 create mode 100644 .changelog/19013.txt

diff --git a/.changelog/19013.txt b/.changelog/19013.txt
new file mode 100644
index 000000000..1cf03eab8
--- /dev/null
+++ b/.changelog/19013.txt
@@ -0,0 +1,3 @@
+```release-note:security
+build: Update to go1.21.4 to resolve Windows path validation CVE in Go
+```
diff --git a/.go-version b/.go-version
index bae5c7f66..20a1265cf 100644
--- a/.go-version
+++ b/.go-version
@@ -1 +1 @@
-1.21.3
+1.21.4
diff --git a/contributing/README.md b/contributing/README.md
index 90ddd6441..125c35950 100644
--- a/contributing/README.md
+++ b/contributing/README.md
@@ -30,7 +30,7 @@ A development environment is supplied via Vagrant to make getting started easier
 
 Developing without Vagrant
 ---
-1. Install [Go 1.21.3+](https://golang.org/) *(Note: `gcc-go` is not supported)*
+1. Install [Go 1.21.4+](https://golang.org/) *(Note: `gcc-go` is not supported)*
 1. Clone this repo
    ```sh
    $ git clone https://github.com/hashicorp/nomad.git
diff --git a/scripts/linux-priv-go.sh b/scripts/linux-priv-go.sh
index 9a5f76f86..6a2a5338b 100755
--- a/scripts/linux-priv-go.sh
+++ b/scripts/linux-priv-go.sh
@@ -21,7 +21,7 @@ case $(arch) in
 esac
 
 function install_go() {
-	local go_version="1.21.3"
+	local go_version="1.21.4"
 	local download="https://storage.googleapis.com/golang/go${go_version}.linux-${ARCH}.tar.gz"
 
 	if go version 2>&1 | grep -q "${go_version}"; then
diff --git a/scripts/release/mac-remote-build b/scripts/release/mac-remote-build
index 39177e875..8ee6544bc 100755
--- a/scripts/release/mac-remote-build
+++ b/scripts/release/mac-remote-build
@@ -56,7 +56,7 @@ REPO_PATH="${TMP_WORKSPACE}/gopath/src/github.com/hashicorp/nomad"
 mkdir -p "${TMP_WORKSPACE}/tmp"
 
 install_go() {
-  local go_version="1.21.3"
+  local go_version="1.21.4"
   local download=
 
   download="https://storage.googleapis.com/golang/go${go_version}.darwin-amd64.tar.gz"