From c04dba02c07e3513724401ddd3c80407d7739488 Mon Sep 17 00:00:00 2001
From: Ryan Turner <turner@uber.com>
Date: Tue, 1 Nov 2022 12:52:11 -0700
Subject: [PATCH] Prepare v1.3.6 release

Signed-off-by: Ryan Turner <turner@uber.com>
---
 .github/workflows/pr_build.yaml      | 2 +-
 .github/workflows/release_build.yaml | 2 +-
 .go-version                          | 2 +-
 CHANGELOG.md                         | 5 +++++
 4 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/pr_build.yaml b/.github/workflows/pr_build.yaml
index cab8e059ea..414e66368c 100644
--- a/.github/workflows/pr_build.yaml
+++ b/.github/workflows/pr_build.yaml
@@ -3,7 +3,7 @@ on:
   pull_request: {}
   workflow_dispatch: {}
 env:
-  GO_VERSION: 1.18.6
+  GO_VERSION: 1.18.8
 permissions:
   contents: read
 
diff --git a/.github/workflows/release_build.yaml b/.github/workflows/release_build.yaml
index 2935ccf40b..0cb2523d9f 100644
--- a/.github/workflows/release_build.yaml
+++ b/.github/workflows/release_build.yaml
@@ -4,7 +4,7 @@ on:
     tags:
       - 'v[0-9].[0-9]+.[0-9]+'
 env:
-  GO_VERSION: 1.18.6
+  GO_VERSION: 1.18.8
 jobs:
   cache-deps:
     name: cache-deps (linux)
diff --git a/.go-version b/.go-version
index 04a8bc26d1..1a31d398cf 100644
--- a/.go-version
+++ b/.go-version
@@ -1 +1 @@
-1.18.6
+1.18.8
diff --git a/CHANGELOG.md b/CHANGELOG.md
index ec4c4f806e..8004b9bf31 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+## [1.3.6] - 2022-11-01
+
+### Security
+- Updated to Go 1.18.8 to address CVE-2022-41716. This vulnerability only affects users configuring external Server or Agent plugins on Windows.
+
 ## [1.3.5] - 2022-10-04
 
 ### Security