Sync from SUSE:ALP:Source:Standard:1.0 go1.21 revision cdf03961a614b1c403f8b2a377eb4433

go1.21.changes

@@ -1,3 +1,59 @@
+-------------------------------------------------------------------
+Tue Aug  6 17:39:08 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.21.13 (released 2024-08-06) includes fixes to the go command,
+  the covdata command, and the bytes package.
+  Refs boo#1212475 go1.21 release tracking
+  * go#68491 cmd/covdata: too many open files due to defer f.Close() in for loop
+  * go#68474 bytes: IndexByte can return -4294967295 when memory usage is above 2^31 on js/wasm
+  * go#68221 cmd/go: list with -export and -covermode=atomic fails to build
+
+-------------------------------------------------------------------
+Tue Jul  2 18:51:48 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.21.12 (released 2024-07-02) includes security fixes to the
+  net/http package, as well as bug fixes to the compiler, the go
+  command, the runtime, and the crypto/x509, net/http, net/netip,
+  and os packages.
+  Refs boo#1212475 go1.21 release tracking
+  CVE-2024-24791
+  * go#68199 go#67555 boo#1227314 security: fix CVE CVE-2024-24791 net/http: expect: 100-continue handling is broken in various ways
+  * go#67297 runtime: "fatal: morestack on g0" on amd64 after upgrade to Go 1.21, stale bounds
+  * go#67426 cmd/link: need to handle new-style loong64 relocs
+  * go#67714 cmd/cgo/internal/swig,cmd/go,x/build: swig cgo tests incompatible with C++ toolchain on builders
+  * go#67849 go/internal/gccgoimporter: go building failing with gcc 14.1.0
+  * go#67933 net: go DNS resolver fails to connect to local DNS server
+  * go#67944 cmd/link: using -fuzz with test that links with cgo on darwin causes linker failure
+  * go#68051 cmd/go: go list -u -m all fails loading module retractions: module requires go >= 1.N+1 (running go 1.N)
+
+-------------------------------------------------------------------
+Tue Jun  4 18:11:01 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.21.11 (released 2024-06-04) includes security fixes to the
+  archive/zip and net/netip packages, as well as bug fixes to the
+  compiler, the go command, the runtime, and the os package.
+  Refs boo#1212475 go1.21 release tracking
+  CVE-2024-24789 CVE-2024-24790
+  * go#67553 go#66869 boo#1225973 security: fix CVE-2024-24789 archive/zip: EOCDR comment length handling is inconsistent with other ZIP implementations
+  * go#67681 go#67680 boo#1225974 security: fix CVE-2024-24790 net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
+  * go#64586 cmd/go: spurious "v1.x.y is not a tag" error when a tag's commit was previously download without the tag
+  * go#67164 cmd/compile: SIGBUS unaligned access on mips64 via qemu-mips64
+  * go#67187 runtime/metrics: /memory/classes/heap/unused:bytes spikes
+  * go#67235 cmd/go: mod tidy reports toolchain not available with 'go 1.21'
+  * go#67310 cmd/go: TestScript/gotoolchain_issue66175 fails on tip locally
+  * go#67351 crypto/x509: TestPlatformVerifier failures on Windows due to broken connections
+  * go#67695 os: RemoveAll susceptible to symlink race
+
+-------------------------------------------------------------------
+Tue May  7 16:00:50 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.21.10 (released 2024-05-07) includes security fixes to the go
+  command, as well as bug fixes to the net/http package.
+  Refs boo#1212475 go1.21 release tracking
+  CVE-2024-24787
+  * go#67121 go#67119 boo#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin
+  * go#66697 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net@v0.23.0
+
 -------------------------------------------------------------------
 Wed Apr  3 15:35:16 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
 

go1.21.spec

@@ -126,7 +126,7 @@
 %endif
 
 Name:           go1.21
-Version:        1.21.9
+Version:        1.21.13
 Release:        0
 Summary:        A compiled, garbage-collected, concurrent programming language
 License:        BSD-3-Clause