Accepting request 980418 from home:jfkw:branches:devel:languages:go
- go1.18.3 (released 2022-06-01) includes security fixes to the crypto/rand, crypto/tls, os/exec, and path/filepath packages, as well as bug fixes to the compiler, and the crypto/tls and text/template/parse packages. Refs boo#1193742 go1.18 release tracking CVE-2022-30634 CVE-2022-30629 CVE-2022-30580 CVE-2022-29804 * boo#1200134 go#52561 CVE-2022-30634 * go#52933 crypto/rand: Read hangs when passed buffer larger than 1<<32 - 1 * boo#1200135 go#52814 CVE-2022-30629 * go#52833 crypto/tls: randomly generate ticket_age_add * boo#1200136 go#52574 CVE-2022-30580 * go#53057 os/exec: Cmd.{Run,Start} should fail if Cmd.Path is unset * boo#1200137 go#52476 CVE-2022-29804 * go#52479 path/filepath: Clean(.\c:) returns c: on Windows * go#51849 cmd/compile: crash on pointer conversion in call to mapaccess2 * go#52242 cmd/compile: compiler crash on valid code * go#52286 cmd/compile: compiler crash with "Dictionary should have already been generated" * go#52791 crypto/tls: 500% increase in allocations from (*tls.Conn).Read in go 1.17 * go#52878 text/template: break/continue require no whitespace around them * go#53043 misc/cgo/testsanitizers: occasional hangs in TestTSAN/tsan12 * go#53115 misc/cgo/testsanitizers: deadlock in TestTSAN/tsan11 OBS-URL: https://build.opensuse.org/request/show/980418 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go1.18?expand=0&rev=21
This commit is contained in:
parent
9b2b528d2a
commit
6295af7dc3
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:2c44d03ea2c34092137ab919ba602f2c261a038d08eb468528a3f3a28e5667e2
|
||||
size 22837686
|
3
go1.18.3.src.tar.gz
Normal file
3
go1.18.3.src.tar.gz
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:0012386ddcbb5f3350e407c679923811dbd283fcdc421724931614a842ecbc2d
|
||||
size 22838104
|
@ -1,3 +1,28 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 1 17:51:26 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.18.3 (released 2022-06-01) includes security fixes to the
|
||||
crypto/rand, crypto/tls, os/exec, and path/filepath packages, as
|
||||
well as bug fixes to the compiler, and the crypto/tls and
|
||||
text/template/parse packages.
|
||||
Refs boo#1193742 go1.18 release tracking
|
||||
CVE-2022-30634 CVE-2022-30629 CVE-2022-30580 CVE-2022-29804
|
||||
* boo#1200134 go#52561 CVE-2022-30634
|
||||
* go#52933 crypto/rand: Read hangs when passed buffer larger than 1<<32 - 1
|
||||
* boo#1200135 go#52814 CVE-2022-30629
|
||||
* go#52833 crypto/tls: randomly generate ticket_age_add
|
||||
* boo#1200136 go#52574 CVE-2022-30580
|
||||
* go#53057 os/exec: Cmd.{Run,Start} should fail if Cmd.Path is unset
|
||||
* boo#1200137 go#52476 CVE-2022-29804
|
||||
* go#52479 path/filepath: Clean(.\c:) returns c: on Windows
|
||||
* go#51849 cmd/compile: crash on pointer conversion in call to mapaccess2
|
||||
* go#52242 cmd/compile: compiler crash on valid code
|
||||
* go#52286 cmd/compile: compiler crash with "Dictionary should have already been generated"
|
||||
* go#52791 crypto/tls: 500% increase in allocations from (*tls.Conn).Read in go 1.17
|
||||
* go#52878 text/template: break/continue require no whitespace around them
|
||||
* go#53043 misc/cgo/testsanitizers: occasional hangs in TestTSAN/tsan12
|
||||
* go#53115 misc/cgo/testsanitizers: deadlock in TestTSAN/tsan11
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 10 22:25:54 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
|
@ -145,7 +145,7 @@
|
||||
%endif
|
||||
|
||||
Name: go1.18
|
||||
Version: 1.18.2
|
||||
Version: 1.18.3
|
||||
Release: 0
|
||||
Summary: A compiled, garbage-collected, concurrent programming language
|
||||
License: BSD-3-Clause
|
||||
|
Loading…
Reference in New Issue
Block a user