diff --git a/go1.23.0.src.tar.gz b/go1.23.0.src.tar.gz deleted file mode 100644 index bf7da5c..0000000 --- a/go1.23.0.src.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:42b7a8e80d805daa03022ed3fde4321d4c3bf2c990a144165d01eeecd6f699c6 -size 28163301 diff --git a/go1.23.1.src.tar.gz b/go1.23.1.src.tar.gz new file mode 100644 index 0000000..89cf06f --- /dev/null +++ b/go1.23.1.src.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6ee44e298379d146a5e5aa6b1c5b5d5f5d0a3365eabdd70741e6e21340ec3b0d +size 28164249 diff --git a/go1.23.changes b/go1.23.changes index 2ee9d2d..d74ef4e 100644 --- a/go1.23.changes +++ b/go1.23.changes @@ -1,3 +1,28 @@ +------------------------------------------------------------------- +Thu Sep 5 15:20:23 UTC 2024 - Jeff Kowalczyk + +- go1.23.1 (released 2024-09-05) includes security fixes to the + encoding/gob, go/build/constraint, and go/parser packages, as + well as bug fixes to the compiler, the go command, the runtime, + and the database/sql, go/types, os, runtime/trace, and unique + packages. + Refs boo#1229122 go1.23 release tracking + CVE-2024-34155 CVE-2024-34156 CVE-2024-34158 + - go#69143 go#69138 boo#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions + - go#69145 go#69139 boo#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode + - go#69149 go#69141 boo#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse + - go#68812 os: TestChtimes failures + - go#68894 go/types: 'under' panics on Alias type + - go#68905 cmd/compile: error in Go 1.23.0 with generics, type aliases and indexing + - go#68907 os: CopyFS overwrites existing file in destination. + - go#68973 cmd/cgo: aix c-archive corrupting stack + - go#68992 unique: panic when calling unique.Make with string casted as any + - go#68994 cmd/go: any invocation creates read-only telemetry configuration file under GOMODCACHE + - go#68995 cmd/go: multi-arch build via qemu fails to exec go binary + - go#69041 database/sql: panic in database/sql.(*connRequestSet).deleteIndex + - go#69087 runtime/trace: crash during traceAdvance when collecting call stack for cgo-calling goroutine + - go#69094 cmd/go: breaking change in 1.23rc2 with version constraints in GOPATH mode + ------------------------------------------------------------------- Tue Aug 13 16:16:34 UTC 2024 - Jeff Kowalczyk diff --git a/go1.23.spec b/go1.23.spec index 888fc51..06e6745 100644 --- a/go1.23.spec +++ b/go1.23.spec @@ -122,7 +122,7 @@ %endif Name: go1.23 -Version: 1.23.0 +Version: 1.23.1 Release: 0 Summary: A compiled, garbage-collected, concurrent programming language License: BSD-3-Clause