Accepting request 929548 from home:jfkw:branches:devel:languages:go

- go1.17.3 (released 2021-11-04) includes security fixes to the
  archive/zip and debug/macho packages, as well as bug fixes to the
  compiler, linker, runtime, the go command, the misc/wasm
  directory, and to the net/http and syscall packages.
  Refs boo#1190649 go1.17 release tracking
  CVE-2021-41771 CVE-2021-41772
  * boo#1192377 go#48990 CVE-2021-41771
  * go#48992 debug/macho: invalid dynamic symbol table command can cause panic
  * boo#1192378 go#48085 CVE-2021-41772
  * go#48252 archive/zip: Reader.Open panics on empty string
  * go#49199 cmd/go: go list all breaks in //go:build-only repos
  * go#49154 misc/wasm, cmd/link: Go 1.17.2 causes WASM builds to throw command line too long with many environment variables
  * go#49086 cmd/link: -buildmode=pie -linkshared panic at runtime
  * go#49077 x/net/http2: backport critical fixes
  * go#49010 net,runtime: apparent deadlock in (*net.conn).Close and runtime.netpollblock on arm64 platforms
  * go#48823 x/net/http2: client can hang forever if headers' size exceeds connection's buffer size and server hangs past request time
  * go#48650 x/net/http2: pool deadlock
  * go#48479 cmd/compile: 64 bits shifts on arm get wrong results
  * go#48475 cmd/compile: incorrect arm/arm64 simplification rules
  * go#48075 syscall: SysProcAttr{ NoInheritHandles: true } broken in 1.17 on Windows

OBS-URL: https://build.opensuse.org/request/show/929548
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go1.17?expand=0&rev=7

go1.17.2.src.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:2255eb3e4e824dd7d5fcdc2e7f84534371c186312e546fb1086a34c17752f431
-size 22182111

go1.17.3.src.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:705c64251e5b25d5d55ede1039c6aa22bea40a7a931d14c370339853643c3df0
+size 22183309

go1.17.changes

@@ -1,3 +1,27 @@
+-------------------------------------------------------------------
+Thu Nov  4 21:23:39 UTC 2021 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.17.3 (released 2021-11-04) includes security fixes to the
+  archive/zip and debug/macho packages, as well as bug fixes to the
+  compiler, linker, runtime, the go command, the misc/wasm
+  directory, and to the net/http and syscall packages.
+  Refs boo#1190649 go1.17 release tracking
+  CVE-2021-41771 CVE-2021-41772
+  * boo#1192377 go#48990 CVE-2021-41771
+  * go#48992 debug/macho: invalid dynamic symbol table command can cause panic
+  * boo#1192378 go#48085 CVE-2021-41772
+  * go#48252 archive/zip: Reader.Open panics on empty string
+  * go#49199 cmd/go: go list all breaks in //go:build-only repos
+  * go#49154 misc/wasm, cmd/link: Go 1.17.2 causes WASM builds to throw command line too long with many environment variables
+  * go#49086 cmd/link: -buildmode=pie -linkshared panic at runtime
+  * go#49077 x/net/http2: backport critical fixes
+  * go#49010 net,runtime: apparent deadlock in (*net.conn).Close and runtime.netpollblock on arm64 platforms
+  * go#48823 x/net/http2: client can hang forever if headers' size exceeds connection's buffer size and server hangs past request time
+  * go#48650 x/net/http2: pool deadlock
+  * go#48479 cmd/compile: 64 bits shifts on arm get wrong results
+  * go#48475 cmd/compile: incorrect arm/arm64 simplification rules
+  * go#48075 syscall: SysProcAttr{ NoInheritHandles: true } broken in 1.17 on Windows
+
 -------------------------------------------------------------------
 Fri Oct  8 00:41:43 UTC 2021 - Jeff Kowalczyk <jkowalczyk@suse.com>
 

go1.17.spec

@@ -135,7 +135,7 @@
 %endif
 
 Name:           go1.17
-Version:        1.17.2
+Version:        1.17.3
 Release:        0
 Summary:        A compiled, garbage-collected, concurrent programming language
 License:        BSD-3-Clause