Adding patchinfo patchinfo.20250207135102776966.90520734224245
Some checks failed
Patchinfo ID numberator / use-go-action (push) Has been cancelled
Some checks failed
Patchinfo ID numberator / use-go-action (push) Has been cancelled
This commit is contained in:
parent
d3eca2d597
commit
b746e8aede
2
go1.22
2
go1.22
@ -1 +1 @@
|
||||
Subproject commit ab2c882db02a6e04eb498ccf2d6b54c263526479298e3b4b93744adbcd98a4e2
|
||||
Subproject commit ecd376ac0e9ee3ed3e3d291fef7f1ab4f50a2901f920b5c1aa7e0ee51f04d128
|
||||
2
go1.23
2
go1.23
@ -1 +1 @@
|
||||
Subproject commit fec5b7628115272b8e0d70732b30cc007fe9dc1a250b1969185179d10b7e3c80
|
||||
Subproject commit 7ca7831303736a2b50b891302df8ba6a759c07d047ad2e790964a7b3c334ad42
|
||||
2
go1.24
2
go1.24
@ -1 +1 @@
|
||||
Subproject commit 26d832a437ef14d3fa9d4e68c760e5d2d389735db99acfd37843d27739a5a7bd
|
||||
Subproject commit 93c9857bf6c2b71c7ec00cd1d80e6c090b3fd16b306b577afb89387295b81acc
|
||||
43
patchinfo.20250207135102776966.90520734224245/_patchinfo
Normal file
43
patchinfo.20250207135102776966.90520734224245/_patchinfo
Normal file
@ -0,0 +1,43 @@
|
||||
<patchinfo>
|
||||
<!-- generated from request(s) 360183, 360231, 360254 -->
|
||||
<issue tracker="bnc" id="1218424">go1.22 release tracking</issue>
|
||||
<issue tracker="bnc" id="1229122">go1.23 release tracking</issue>
|
||||
<issue tracker="bnc" id="1236217">go1.24 release tracking</issue>
|
||||
<issue tracker="bnc" id="1236801">VUL-0: CVE-2025-22866 go1.22,go1.23,go1.24: crypto/elliptic: timing sidechannel for P-256 on ppc64le</issue>
|
||||
<issue tracker="bnc" id="1236839">VUL-0: CVE-2025-22867: go1.24: cmd/go: arbitrary code execution during build on darwin</issue>
|
||||
<issue tracker="cve" id="2025-22866"/>
|
||||
<issue tracker="cve" id="2025-22867"/>
|
||||
<packager>jfkw</packager>
|
||||
<rating>moderate</rating>
|
||||
<category>security</category>
|
||||
<summary>Security update for go1.24, go1.22, go1.23</summary>
|
||||
<description>This update for go1.24, go1.22, go1.23 fixes the following issues:
|
||||
|
||||
go1.22:
|
||||
|
||||
- go1.22.12 (released 2025-02-04) includes security fixes to the
|
||||
crypto/elliptic package, as well as bug fixes to the compiler and
|
||||
the go command. (bsc#1218424)
|
||||
* CVE-2025-22866: fix crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le (bsc#1236801)
|
||||
* cmd/compile: broken write barrier
|
||||
|
||||
go1.23:
|
||||
- go1.23.6 (released 2025-02-04) includes security fixes to the
|
||||
crypto/elliptic package, as well as bug fixes to the compiler and
|
||||
the go command. (bsc#1229122)
|
||||
* CVE-2025-22866: fix crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le (bsc#1236801)
|
||||
|
||||
go1.24:
|
||||
- go1.24rc3 (released 2024-02-05) is a release candidate version of
|
||||
go1.24 cut from the master branch at the revision tagged
|
||||
go1.24rc3.
|
||||
(bsc#1236217)
|
||||
* CVE-2025-22866: fix crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le (bsc#1236801)
|
||||
* CVE-2025-22867: Fixed cmd/go: arbitrary code execution during build on darwin (bsc#1236839)
|
||||
|
||||
</description>
|
||||
<package>go1.22</package>
|
||||
<package>go1.23</package>
|
||||
<package>go1.24</package>
|
||||
<seperate_build_arch/>
|
||||
</patchinfo>
|
||||
Loading…
x
Reference in New Issue
Block a user