Accepting request 1131272 from home:jfkw:branches:devel:languages:go

- go1.20.12 (released 2023-12-05) includes security fixes to the go command, and the net/http and path/filepath packages, as well as bug fixes to the compiler and the go command. Refs boo#1206346 go1.20 release tracking CVE-2023-45285 CVE-2023-45284 CVE-2023-39326 * go#63972 go#63845 boo#1217834 security: fix CVE-2023-45285 cmd/go: git VCS qualifier in module path uses git:// scheme * go#64040 go#63713 boo#1216943 security: fix CVE-2023-45284 path/filepath: Clean removes ending slash for volume on Windows in Go 1.21.4 * go#64434 go#64433 boo#1217833 security: fix CVE-2023-39326 net/http: limit chunked data overhead * go#63983 cmd/compile: internal compiler error: panic during prove while compiling: unexpected induction with too many parents * go#63988 cmd/go: TestScript/mod_get_direct fails with "Filename too long" on Windows OBS-URL: https://build.opensuse.org/request/show/1131272 OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go1.20?expand=0&rev=36
2023-12-06 07:47:51 +00:00 · 2023-12-06 07:47:51 +00:00 · 62a6d38ebf
commit 62a6d38ebf
parent df89ae2a6d
4 changed files with 18 additions and 4 deletions
--- a/go1.20.11.src.tar.gz
+++ b/go1.20.11.src.tar.gz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d355c5ae3a8f7763c9ec9dc25153aae373958cbcb60dd09e91a8b56c7621b2fc
-size 26198249
--- a/go1.20.12.src.tar.gz
+++ b/go1.20.12.src.tar.gz
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c5bf934751d31c315c1d0bb5fb02296545fa6d08923566f7a5afec81f2ed27d6
+size 26200362
--- a/go1.20.changes
+++ b/go1.20.changes
@ -1,3 +1,17 @@
+-------------------------------------------------------------------
+Tue Dec  5 19:03:51 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
+
+- go1.20.12 (released 2023-12-05) includes security fixes to the go
+  command, and the net/http and path/filepath packages, as well as
+  bug fixes to the compiler and the go command.
+  Refs boo#1206346 go1.20 release tracking
+  CVE-2023-45285 CVE-2023-45284 CVE-2023-39326
+  * go#63972 go#63845 boo#1217834 security: fix CVE-2023-45285 cmd/go: git VCS qualifier in module path uses git:// scheme
+  * go#64040 go#63713 boo#1216943 security: fix CVE-2023-45284 path/filepath: Clean removes ending slash for volume on Windows in Go 1.21.4
+  * go#64434 go#64433 boo#1217833 security: fix CVE-2023-39326 net/http: limit chunked data overhead
+  * go#63983 cmd/compile: internal compiler error: panic during prove while compiling: unexpected induction with too many parents
+  * go#63988 cmd/go: TestScript/mod_get_direct fails with "Filename too long" on Windows
+
 -------------------------------------------------------------------
 Tue Nov  7 19:29:09 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>

--- a/go1.20.spec
+++ b/go1.20.spec
@ -126,7 +126,7 @@
 %endif

 Name:           go1.20
-Version:        1.20.11
+Version:        1.20.12
 Release:        0
 Summary:        A compiled, garbage-collected, concurrent programming language
 License:        BSD-3-Clause