go1.21 release tracking
go1.22 release tracking
go1.23 release tracking
go1.20,go1.21,go1.22: ensure VERSION file is present in go1.x toolchain GOROOT
VUL-0: CVE-2024-24783 go1.21,go1.22: crypto/x509: Verify panics on certificates with an unknown public key algorithm
VUL-0: CVE-2023-45289 go1.21,go1.22: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
VUL-0: CVE-2023-45290 go1.21,go1.22: net/http: memory exhaustion in Request.ParseMultipartForm
VUL-0: CVE-2024-24784 go1.21,go1.22: net/mail: comments in display names are incorrectly handled
VUL-0: CVE-2024-24785 go1.21,go1.22: html/template: errors returned from MarshalJSON methods may break template escaping
VUL-0: CVE-2023-45288: go1.21,go1.22: net/http, x/net/http2: close connections when receiving too many headers
VUL-0: CVE-2024-24787: go1.21,go1.22: cmd/go: arbitrary code execution during build on darwin
VUL-0: CVE-2024-24788: go1.22: net: malformed DNS message can cause infinite loop
VUL-0: CVE-2024-24789: go1.21,go1.22: archive/zip: mishandling of corrupt central directory record
VUL-0: CVE-2024-24790: go1.21,go1.22: net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
VUL-0: CVE-2024-24791 go1.21,go1.22: net/http: denial of service due to improper 100-continue handling
VUL-0: CVE-2024-34155: go1.22,go1.23: go/parser: stack exhaustion in all Parse* functions
VUL-0: CVE-2024-34156: go1.22,go1.23: encoding/gob: stack exhaustion in Decoder.Decode
VUL-0: CVE-2024-34158: go1.22,go1.23: go/build/constraint: stack exhaustion in Parse

jfkw moderate security

Security update for go1.23-openssl, go1.21-openssl, go1.22-openssl

This update for go1.23-openssl, go1.21-openssl, go1.22-openssl fixes the following issues:

go1.21-openssl:
- Update to version 1.21.13.4 cut from the go1.21-fips-release

go1.22-openssl:
- Update to version 1.22.7.1 cut from the go1.22-fips-release

go1.23-openssl:
- Update to version 1.23.2.2 cut from the go1.23-fips-release

go1.21-openssl go1.22-openssl go1.23-openssl