Sync from SUSE:SLFO:Main go1.22 revision b01c88b7e8809340bcd3b74f50c8bc8c

2024-05-31 16:01:01 +02:00
parent a1fe298a7d
commit f264b89f51
4 changed files with 19 additions and 4 deletions
--- a/go1.22.2.src.tar.gz
+++ b/go1.22.2.src.tar.gz
--- a/go1.22.3.src.tar.gz
+++ b/go1.22.3.src.tar.gz
--- a/go1.22.changes
+++ b/go1.22.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Tue May  7 16:00:41 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.22.3 (released 2024-05-07) includes security fixes to the go
+  command and the net package, as well as bug fixes to the
+  compiler, the runtime, and the net/http package.
+  Refs boo#1218424 go1.22 release tracking
+  CVE-2024-24787 CVE-2024-24788
+  * go#67122 go#67119 boo#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin
+  * go#67040 go#66754 boo#1224018 security: fix CVE-2024-24788 net: high cpu usage in extractExtendedRCode
+  * go#67018 cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le
+  * go#67017 cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE
+  * go#66886 runtime: deterministic fallback hashes across process boundary
+  * go#66698 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net@v0.23.0
+
 -------------------------------------------------------------------
 Wed Apr  3 15:35:18 UTC 2024 - Jeff Kowalczyk <jkowalczyk@suse.com>

--- a/go1.22.spec
+++ b/go1.22.spec
@@ -122,7 +122,7 @@
 %endif

 Name:           go1.22
-Version:        1.22.2
+Version:        1.22.3
 Release:        0
 Summary:        A compiled, garbage-collected, concurrent programming language
 License:        BSD-3-Clause