Sync from SUSE:SLFO:1.1 go1.22-openssl revision 4fbe933304d97c7313f0817c005c062d

go1.22-openssl.changes

@@ -1,3 +1,63 @@
+-------------------------------------------------------------------
+Mon Mar 31 04:24:10 UTC 2025 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- Update to version 1.22.12 cut from the go1.22-fips-release
+  branch at the revision tagged go1.22.12-2-openssl-fips.
+  Refs jsc#SLE-18320
+  * Backport fix to correct usleep asm implementation on s390x for
+    Go1.22 https://go-review.googlesource.com/c/go/+/648915
+
+-------------------------------------------------------------------
+Mon Feb 17 20:13:40 UTC 2025 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- Update to version 1.22.12 cut from the go1.22-fips-release
+  branch at the revision tagged go1.22.12-1-openssl-fips.
+  Refs jsc#SLE-18320
+  * Rebase to Go 1.22.12 (#266)
+
+-------------------------------------------------------------------
+Tue Feb  4 16:39:49 UTC 2025 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.22.12 (released 2025-02-04) includes security fixes to the
+  crypto/elliptic package, as well as bug fixes to the compiler and
+  the go command.
+  Refs boo#1218424 go1.22 release tracking
+  CVE-2025-22866
+  * go#71422 go#71383 boo#1236801 security: fix CVE-2025-22866 crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le
+  * go#71262 cmd/go/internal/modfetch/codehost: test fails with git 2.47.1
+  * go#71229 cmd/compile: broken write barrier
+
+-------------------------------------------------------------------
+Tue Jan 21 09:53:15 UTC 2025  (tag: go1.22.11-1-openssl-fips)
+
+- Update to version 1.22.11 cut from the go1.22-fips-release
+  branch at the revision tagged go1.22.11-1-openssl-fips.
+  Refs jsc#SLE-18320
+  * Rebase to Go1.22.11 to pick fixes for CVE-2024-45341 and
+    CVE-2024-45336 https://go.dev/cl/643103 and
+    https://go.dev/cl/643104
+
+-------------------------------------------------------------------
+Thu Jan 16 20:07:58 UTC 2025 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.22.11 (released 2025-01-16) includes security fixes to the
+  crypto/x509 and net/http packages, as well as bug fixes to the
+  runtime.
+  Refs boo#1218424 go1.22 release tracking
+  CVE-2024-45341 CVE-2024-45336
+  * go#71207 go#71156 boo#1236045 security: fix CVE-2024-45341 crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints
+  * go#71210 go#70530 boo#1236046 security: fix CVE-2024-45336 net/http: sensitive headers incorrectly sent after cross-domain redirect
+  * go#71103 crypto/tls: TestVerifyConnection/TLSv12 failures
+  * go#71146 internal/trace: TestTraceCPUProfile/Stress failures
+
+-------------------------------------------------------------------
+Thu Jan  9 17:44:34 UTC 2025 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- Update to version 1.22.10 cut from the go1.22-fips-release
+  branch at the revision tagged go1.22.10-1-openssl-fips.
+  Refs jsc#SLE-18320
+  * Rebase to 1.22.10 and backport openssl negative tests (#251)
+
 -------------------------------------------------------------------
 Tue Dec 10 02:49:26 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
 
@@ -19,6 +79,16 @@ Thu Dec  5 08:01:10 UTC 2024 - Adrian Schröter <adrian@suse.de>
 
 - Enable loongarch64 builds
 
+-------------------------------------------------------------------
+Tue Dec  3 18:00:04 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.22.10 (released 2024-12-03) includes fixes to the runtime and
+  the syscall package.
+  Refs boo#1218424 go1.22 release tracking
+  * go#70201 syscall: SyscallN always escapes the variadic argument
+  * go#70238 time: TestLoadFixed failures
+  * go#70474 sync/atomic: TestNilDeref flaky failure on windows-386 with runtime fatal error
+
 -------------------------------------------------------------------
 Thu Nov 14 15:41:43 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
 

go1.22-openssl.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package go1.22-openssl
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -122,15 +122,13 @@
 %endif
 
 Name:           go1.22-openssl
-Version:        1.22.9.1
-# Drop our added final dot and digit to define upstream version
-%define shortversion 1.22.9
+Version:        1.22.12
 Release:        0
 Summary:        Go compiler with dynamic linkage to OpenSSL libcrypto for use in FIPS mode
 License:        BSD-3-Clause
 Group:          Development/Languages/Go
 URL:            https://go.dev/
-Source:         https://go.dev/dl/go%{shortversion}.src.tar.gz
+Source:         https://go.dev/dl/go%{version}.src.tar.gz
 Source1:        go-rpmlintrc
 Source4:        README.SUSE
 Source6:        go.gdbinit
@@ -221,7 +219,7 @@ Go runtime race detector libraries. Install this package if you wish to use the
 %setup -q -n go
 # Write go version into VERSION file in go source top level directory.
 # Needed for go build scripts to operate without assuming .git/ present.
-echo -n "go%{shortversion}" > %{_builddir}/go/VERSION
+echo -n "go%{version}" > %{_builddir}/go/VERSION
 %patch -P 7 -p1
 %if %{with gccgo}
 # Currently gcc-go does not manage an update-alternatives entry and will