pool/go1.17
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 959306 from home:jfkw:branches:devel:languages:go

Browse Source 
- go1.17.8 (released 2022-03-03) includes a security fix to the
  regexp/syntax package, as well as bug fixes to the compiler,
  runtime, the go command, and the crypto/x509, and net packages.
  Refs boo#1190649 go1.17 release tracking
  CVE-2022-24921
  * boo#1196732 go#51112 CVE-2022-24921
  * go#51118 regexp: stack overflow (process exit) handling deeply nested regexp
  * go#51332 cmd/go/internal/modfetch: erroneously resolves a v2+incompatible version when a v2/go.mod file exists
  * go#51199 cmd/compile: "runtime: bad pointer in frame" in riscv64 with complier optimizations
  * go#51162 net: use EDNS to increase DNS packet size [freeze exception]
  * go#50734 runtime/metrics: time histogram sub-bucket ranges are off by a factor of two
  * go#51000 crypto/x509: invalid RDNSequence: invalid attribute value: unsupported string type: 18

OBS-URL: https://build.opensuse.org/request/show/959306
OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go1.17?expand=0&rev=13
This commit is contained in:
Jeff Kowalczyk 2022-03-04 01:44:37 +00:00 committed by Git OBS Bridge
parent 540054947f
commit 659d48e4e2
4 changed files with 20 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
go1.17.7.src.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:c108cd33b73b1911a02b697741df3dea43e01a5c4e08e409e8b3a0e3745d2b4d
size 22195583

3
go1.17.8.src.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:2effcd898140da79a061f3784ca4f8d8b13d811fb2abe9dad2404442dabbdf7a
size 22199282

16
go1.17.changes
View File

@ -1,3 +1,19 @@
-------------------------------------------------------------------
Thu Mar 3 21:51:40 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
- go1.17.8 (released 2022-03-03) includes a security fix to the
regexp/syntax package, as well as bug fixes to the compiler,
runtime, the go command, and the crypto/x509, and net packages.
Refs boo#1190649 go1.17 release tracking
CVE-2022-24921
* boo#1196732 go#51112 CVE-2022-24921
* go#51118 regexp: stack overflow (process exit) handling deeply nested regexp
* go#51332 cmd/go/internal/modfetch: erroneously resolves a v2+incompatible version when a v2/go.mod file exists
* go#51199 cmd/compile: "runtime: bad pointer in frame" in riscv64 with complier optimizations
* go#51162 net: use EDNS to increase DNS packet size [freeze exception]
* go#50734 runtime/metrics: time histogram sub-bucket ranges are off by a factor of two
* go#51000 crypto/x509: invalid RDNSequence: invalid attribute value: unsupported string type: 18
-------------------------------------------------------------------
Fri Feb 18 02:10:17 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>

2
go1.17.spec
View File

@ -135,7 +135,7 @@
%endif
Name: go1.17
Version: 1.17.7
Version: 1.17.8
Release: 0
Summary: A compiled, garbage-collected, concurrent programming language
License: BSD-3-Clause