From 00fd69e6efafe4122732752dfd7f28a978d48f56 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Fri, 7 Feb 2025 16:16:31 +0100 Subject: [PATCH] Sync from SUSE:ALP:Source:Standard:1.0 go1.22 revision c74faadef678bfa303d3d8fbdff9d13c --- go1.22.10.src.tar.gz | 3 --- go1.22.12.src.tar.gz | 3 +++ go1.22.changes | 30 ++++++++++++++++++++++++++++++ go1.22.spec | 6 +++--- 4 files changed, 36 insertions(+), 6 deletions(-) delete mode 100644 go1.22.10.src.tar.gz create mode 100644 go1.22.12.src.tar.gz diff --git a/go1.22.10.src.tar.gz b/go1.22.10.src.tar.gz deleted file mode 100644 index a089969..0000000 --- a/go1.22.10.src.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1e94fd48be750d1fafb4d9b3b6dd31a6e9d2735d339bf2462bc97b64ca4c1037 -size 27565306 diff --git a/go1.22.12.src.tar.gz b/go1.22.12.src.tar.gz new file mode 100644 index 0000000..77a033e --- /dev/null +++ b/go1.22.12.src.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:012a7e1f37f362c0918c1dfa3334458ac2da1628c4b9cf4d9ca02db986e17d71 +size 27566409 diff --git a/go1.22.changes b/go1.22.changes index f5873f9..a5750a5 100644 --- a/go1.22.changes +++ b/go1.22.changes @@ -1,3 +1,33 @@ +------------------------------------------------------------------- +Tue Feb 4 16:39:49 UTC 2025 - Jeff Kowalczyk + +- go1.22.12 (released 2025-02-04) includes security fixes to the + crypto/elliptic package, as well as bug fixes to the compiler and + the go command. + Refs boo#1218424 go1.22 release tracking + CVE-2025-22866 + * go#71422 go#71383 boo#1236801 security: fix CVE-2025-22866 crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le + * go#71262 cmd/go/internal/modfetch/codehost: test fails with git 2.47.1 + * go#71229 cmd/compile: broken write barrier + +------------------------------------------------------------------- +Thu Jan 16 20:07:58 UTC 2025 - Jeff Kowalczyk + +- go1.22.11 (released 2025-01-16) includes security fixes to the + crypto/x509 and net/http packages, as well as bug fixes to the + runtime. + Refs boo#1218424 go1.22 release tracking + CVE-2024-45341 CVE-2024-45336 + * go#71207 go#71156 boo#1236045 security: fix CVE-2024-45341 crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints + * go#71210 go#70530 boo#1236046 security: fix CVE-2024-45336 net/http: sensitive headers incorrectly sent after cross-domain redirect + * go#71103 crypto/tls: TestVerifyConnection/TLSv12 failures + * go#71146 internal/trace: TestTraceCPUProfile/Stress failures + +------------------------------------------------------------------- +Thu Dec 5 08:01:10 UTC 2024 - Adrian Schröter + +- Enable loongarch64 builds + ------------------------------------------------------------------- Tue Dec 3 18:00:04 UTC 2024 - Jeff Kowalczyk diff --git a/go1.22.spec b/go1.22.spec index a241023..0fb321a 100644 --- a/go1.22.spec +++ b/go1.22.spec @@ -1,7 +1,7 @@ # # spec file for package go1.22 # -# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -122,7 +122,7 @@ %endif Name: go1.22 -Version: 1.22.10 +Version: 1.22.12 Release: 0 Summary: A compiled, garbage-collected, concurrent programming language License: BSD-3-Clause @@ -171,7 +171,7 @@ Obsoletes: go-devel < go%{version} # go-vim/emacs were separate projects starting from 1.4 Obsoletes: go-emacs <= 1.3.3 Obsoletes: go-vim <= 1.3.3 -ExclusiveArch: %ix86 x86_64 %arm aarch64 ppc64 ppc64le s390x riscv64 +ExclusiveArch: %ix86 x86_64 %arm aarch64 ppc64 ppc64le s390x riscv64 loongarch64 %description Go is an expressive, concurrent, garbage collected systems programming language