Sync from SUSE:ALP:Source:Standard:1.0 go1.22 revision c5a1edbf4f6eda8488e666998c024e86
This commit is contained in:
parent
27386d75d6
commit
6f29796dd9
BIN
go1.22.2.src.tar.gz
(Stored with Git LFS)
BIN
go1.22.2.src.tar.gz
(Stored with Git LFS)
Binary file not shown.
BIN
go1.22.7.src.tar.gz
(Stored with Git LFS)
Normal file
BIN
go1.22.7.src.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
@ -1,3 +1,96 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 5 15:20:28 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.22.7 (released 2024-09-05) includes security fixes to the
|
||||
encoding/gob, go/build/constraint, and go/parser packages, as
|
||||
well as bug fixes to the fix command and the runtime.
|
||||
Refs boo#1218424 go1.22 release tracking
|
||||
CVE-2024-34155 CVE-2024-34156 CVE-2024-34158
|
||||
- go#69142 go#69138 boo#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions (CVE-2024-34155)
|
||||
- go#69144 go#69139 boo#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode (CVE-2024-34156)
|
||||
- go#69148 go#69141 boo#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse (CVE-2024-34158)
|
||||
- go#68811 os: TestChtimes failures
|
||||
- go#68825 cmd/fix: fails to run on modules whose go directive value is in "1.n.m" format introduced in Go 1.21.0
|
||||
- go#68972 cmd/cgo: aix c-archive corrupting stack
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 6 17:39:11 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.22.6 (released 2024-08-06) includes fixes to the go command,
|
||||
the compiler, the linker, the trace command, the covdata command,
|
||||
and the bytes, go/types, and os/exec packages.
|
||||
Refs boo#1218424 go1.22 release tracking
|
||||
* go#68594 cmd/compile: internal compiler error with zero-size types
|
||||
* go#68546 cmd/trace/v2: pprof profiles always empty
|
||||
* go#68492 cmd/covdata: too many open files due to defer f.Close() in for loop
|
||||
* go#68475 bytes: IndexByte can return -4294967295 when memory usage is above 2^31 on js/wasm
|
||||
* go#68370 go/types: assertion failure in recent range statement checking logic
|
||||
* go#68331 os/exec: modifications to Path ignored when *Cmd is created using Command with an absolute path on Windows
|
||||
* go#68230 cmd/compile: inconsistent integer arithmetic result on Go 1.22+arm64 with/without -race
|
||||
* go#68222 cmd/go: list with -export and -covermode=atomic fails to build
|
||||
* go#68198 cmd/link: issues with Xcode 16 beta
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 2 18:51:45 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.22.5 (released 2024-07-02) includes security fixes to the
|
||||
net/http package, as well as bug fixes to the compiler, cgo, the
|
||||
go command, the linker, the runtime, and the crypto/tls,
|
||||
go/types, net, net/http, and os/exec packages.
|
||||
Refs boo#1218424 go1.22 release tracking
|
||||
CVE-2024-24791
|
||||
* go#68200 go#67555 boo#1227314 security: fix CVE CVE-2024-24791 net/http: expect: 100-continue handling is broken in various ways
|
||||
* go#65983 cmd/compile: hash of unhashable type
|
||||
* go#65994 crypto/tls: segfault when calling tlsrsakex.IncNonDefault()
|
||||
* go#66598 os/exec: calling Cmd.Start after setting Cmd.Path manually to absolute path without ".exe" no longer implicitly adds ".exe" in Go 1.22
|
||||
* go#67298 runtime: "fatal: morestack on g0" on amd64 after upgrade to Go 1.21, stale bounds
|
||||
* go#67715 cmd/cgo/internal/swig,cmd/go,x/build: swig cgo tests incompatible with C++ toolchain on builders
|
||||
* go#67798 cmd/compile: internal compiler error: unexpected type: <nil> (<nil>) in for-range
|
||||
* go#67820 cmd/compile: package-level variable initialization with constant dependencies doesn't match order specified in Go spec
|
||||
* go#67850 go/internal/gccgoimporter: go building failing with gcc 14.1.0
|
||||
* go#67934 net: go DNS resolver fails to connect to local DNS server
|
||||
* go#67945 cmd/link: using -fuzz with test that links with cgo on darwin causes linker failure
|
||||
* go#68052 cmd/go: go list -u -m all fails loading module retractions: module requires go >= 1.N+1 (running go 1.N)
|
||||
* go#68122 cmd/link: runtime.mach_vm_region_trampoline: unsupported dynamic relocation for symbol libc_mach_task_self_ (type=29 (R_GOTPCREL) stype=46 (SDYNIMPORT))
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 4 18:08:59 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.22.4 (released 2024-06-04) includes security fixes to the
|
||||
archive/zip and net/netip packages, as well as bug fixes to the
|
||||
compiler, the go command, the linker, the runtime, and the os
|
||||
package.
|
||||
Refs boo#1218424 go1.22 release tracking
|
||||
CVE-2024-24789 CVE-2024-24790
|
||||
* go#67554 go#66869 boo#1225973 security: fix CVE-2024-24789 archive/zip: EOCDR comment length handling is inconsistent with other ZIP implementations
|
||||
* go#67682 go#67680 boo#1225974 security: fix CVE-2024-24790 net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
|
||||
* go#67188 runtime/metrics: /memory/classes/heap/unused:bytes spikes
|
||||
* go#67212 cmd/compile: SIGBUS unaligned access on mips64 via qemu-mips64
|
||||
* go#67236 cmd/go: mod tidy reports toolchain not available with 'go 1.21'
|
||||
* go#67258 runtime: unexpected fault address 0
|
||||
* go#67311 cmd/go: TestScript/gotoolchain_issue66175 fails on tip locally
|
||||
* go#67314 cmd/go,cmd/link: TestScript/build_issue48319 and TestScript/build_plugin_reproducible failing on LUCI gotip-darwin-amd64-longtest builder due to non-reproducible LC_UUID
|
||||
* go#67352 crypto/x509: TestPlatformVerifier failures on Windows due to broken connections
|
||||
* go#67460 cmd/compile: internal compiler error: panic with range over integer value
|
||||
* go#67527 cmd/link: panic: machorelocsect: size mismatch
|
||||
* go#67650 runtime: SIGSEGV after performing clone(CLONE_PARENT) via C constructor prior to runtime start
|
||||
* go#67696 os: RemoveAll susceptible to symlink race
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 7 16:00:41 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.22.3 (released 2024-05-07) includes security fixes to the go
|
||||
command and the net package, as well as bug fixes to the
|
||||
compiler, the runtime, and the net/http package.
|
||||
Refs boo#1218424 go1.22 release tracking
|
||||
CVE-2024-24787 CVE-2024-24788
|
||||
* go#67122 go#67119 boo#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin
|
||||
* go#67040 go#66754 boo#1224018 security: fix CVE-2024-24788 net: high cpu usage in extractExtendedRCode
|
||||
* go#67018 cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le
|
||||
* go#67017 cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE
|
||||
* go#66886 runtime: deterministic fallback hashes across process boundary
|
||||
* go#66698 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net@v0.23.0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Apr 3 15:35:18 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
|
||||
@ -122,7 +122,7 @@
|
||||
%endif
|
||||
|
||||
Name: go1.22
|
||||
Version: 1.22.2
|
||||
Version: 1.22.7
|
||||
Release: 0
|
||||
Summary: A compiled, garbage-collected, concurrent programming language
|
||||
License: BSD-3-Clause
|
||||
|
||||
Loading…
Reference in New Issue
Block a user