pool/go1.18
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1008077 from devel:languages:go

Browse Source 
- go1.18.7 (released 2022-10-04) includes security fixes to the
  archive/tar, net/http/httputil, and regexp packages, as well as
  bug fixes to the compiler, the linker, and the go/types package.
  Refs boo#1193742 go1.18 release tracking
  CVE-2022-41715 CVE-2022-2879 CVE-2022-2880
  * go#55950 boo#1204023 security: fix CVE-2022-41715 regexp/syntax: limit memory used by parsing regexps
  * go#55925 boo#1204024 security: fix CVE-2022-2879 archive/tar: unbounded memory consumption when reading headers
  * go#55842 boo#1204025 security: fix CVE-2022-2880 net/http/httputil: ReverseProxy should not forward unparseable query parameters
  * go#55151 fatal error: bulkBarrierPreWrite: unaligned arguments
  * go#55148 go/types: no way to construct the signature of append(s, "string"...) via the API
  * go#55113 cmd/link: new darwin linker warning on -pagezero_size and -no_pie deprecation
  * go#54918 cmd/compile: Value live at entry (forwarded request 1008075 from jfkw)

OBS-URL: https://build.opensuse.org/request/show/1008077
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/go1.18?expand=0&rev=16
This commit is contained in:
Fabian Vogt 2022-10-10 16:43:53 +00:00 committed by Git OBS Bridge
commit 64faa17b04
5 changed files with 27 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
_constraints Normal file
View File

@ -0,0 +1,7 @@
<constraints>
<hardware>
<disk>
<size unit="G">5</size>
</disk>
</hardware>
</constraints>

3
go1.18.6.src.tar.gz
View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:a7f1d50424355dabce66d1112b1cae439b6ee5e4f15edba6f104c0a4b173e895
size 22865753

3
go1.18.7.src.tar.gz Normal file
View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:9467e33b819f71bebb21fb0ee1dd6794fd2244ae94907a984286712f9839a944
size 22872579

16
go1.18.changes
View File

@ -1,3 +1,19 @@
-------------------------------------------------------------------
Tue Oct 4 18:21:57 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
- go1.18.7 (released 2022-10-04) includes security fixes to the
archive/tar, net/http/httputil, and regexp packages, as well as
bug fixes to the compiler, the linker, and the go/types package.
Refs boo#1193742 go1.18 release tracking
CVE-2022-41715 CVE-2022-2879 CVE-2022-2880
* go#55950 boo#1204023 security: fix CVE-2022-41715 regexp/syntax: limit memory used by parsing regexps
* go#55925 boo#1204024 security: fix CVE-2022-2879 archive/tar: unbounded memory consumption when reading headers
* go#55842 boo#1204025 security: fix CVE-2022-2880 net/http/httputil: ReverseProxy should not forward unparseable query parameters
* go#55151 fatal error: bulkBarrierPreWrite: unaligned arguments
* go#55148 go/types: no way to construct the signature of append(s, "string"...) via the API
* go#55113 cmd/link: new darwin linker warning on -pagezero_size and -no_pie deprecation
* go#54918 cmd/compile: Value live at entry
-------------------------------------------------------------------
Tue Sep 6 19:24:28 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>

2
go1.18.spec
View File

@ -134,7 +134,7 @@
%endif
Name: go1.18
Version: 1.18.6
Version: 1.18.7
Release: 0
Summary: A compiled, garbage-collected, concurrent programming language
License: BSD-3-Clause