2023-01-11 05:53:34 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jan 10 22:13:49 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- go1.19.5 (released 2023-01-10) includes fixes to the compiler,
|
|
|
|
the linker, and the crypto/x509, net/http, sync/atomic, and
|
|
|
|
syscall packages.
|
|
|
|
Refs boo#1200441 go1.19 release tracking
|
|
|
|
* go#57706 Misc/cgo: backport needed for dlltool fix
|
|
|
|
* go#57556 crypto/x509: re-allow duplicate attributes in CSRs
|
|
|
|
* go#57444 cmd/link: need to handle new-style LoongArch relocs
|
|
|
|
* go#57427 crypto/x509: Verify on macOS does not return typed errors
|
|
|
|
* go#57345 cmd/compile: the loong64 intrinsic for CompareAndSwapUint32 function needs to sign extend its "old" argument.
|
|
|
|
* go#57339 syscall, internal/poll: accept4-to-accept fallback removal broke Go code on Synology DSM 6.2 ARM devices
|
|
|
|
* go#57214 os: TestLstat failure on Linux Aarch64
|
|
|
|
* go#57212 reflect: sort.SliceStable sorts incorrectly on arm64 with less function created with reflect.MakeFunc and slice of sufficient length
|
|
|
|
* go#57124 sync/atomic: allow linked lists of atomic.Pointer
|
|
|
|
* go#57100 cmd/compile: non-retpoline-compatible errors
|
|
|
|
* go#57058 cmd/go: remove test dependency on gopkg.in service
|
|
|
|
* go#57055 cmd/go: TestScript/version_buildvcs_git_gpg (if enabled) fails on linux longtest builders
|
|
|
|
* go#56983 runtime: failure in TestRaiseException on windows-amd64-2012
|
|
|
|
* go#56834 cmd/link/internal/ppc64: too-far trampoline is reused
|
|
|
|
* go#56770 cmd/compile: walkConvInterface produces broken IR
|
|
|
|
* go#56744 cmd/compile: internal compiler error: missing typecheck
|
|
|
|
* go#56712 net: reenable TestLookupDotsWithRemoteSource and TestLookupGoogleSRV with a different target
|
|
|
|
* go#56154 net/http: bad handling of HEAD requests with a body
|
|
|
|
|
2022-12-07 22:14:31 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Dec 6 20:49:04 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- go1.19.4 (released 2022-12-06) includes security fixes to the
|
|
|
|
net/http and os packages, as well as bug fixes to the compiler,
|
|
|
|
the runtime, and the crypto/x509, os/exec, and sync/atomic
|
|
|
|
packages.
|
|
|
|
Refs boo#1200441 go1.19 release tracking
|
|
|
|
CVE-2022-41717 CVE-2022-41720
|
|
|
|
* go#57009 boo#1206135 security: fix CVE-2022-41717 net/http: limit canonical header cache by bytes, not entries
|
|
|
|
* go#57006 boo#1206134 security: fix CVE-2022-41720 os, net/http: avoid escapes from os.DirFS and http.Dir on Windows
|
|
|
|
* go#56752 runtime,cmd/compile: apparent memory corruption in compress/flate
|
|
|
|
* go#56710 net: builders failing TestLookupDotsWithRemoteSource and TestLookupGoogleSRV due to missing host for _xmpp-server._tcp.google.com
|
|
|
|
* go#56672 crypto/tls: boringcrypto restricts RSA key sizes to 2048 and 3072
|
|
|
|
* go#56638 sync/atomic: atomic.Pointer[T] can be misused with type conversions.
|
|
|
|
* go#56636 runtime: traceback stuck in runtime.systemstack
|
|
|
|
* go#56557 cmd/compile: some x/sys versions no longer build due to "go:linkname must refer to declared function or variable"
|
|
|
|
* go#56551 os/exec: Plan 9 build has been broken by a Windows security fix (also breaks 1.19.3 and 1.18.8)
|
|
|
|
* go#56438 crypto/x509: respect GODEBUG changes during program lifetime
|
|
|
|
* go#56397 runtime: on linux/PPC64, usleep computes incorrect tv_nsec parameter
|
|
|
|
* go#56360 cmd/compile: panic: offset too large
|
|
|
|
|
2022-11-01 21:02:43 +01:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Nov 1 17:18:30 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- go1.19.3 (released 2022-11-01) includes security fixes to the
|
|
|
|
os/exec and syscall packages, as well as bug fixes to the
|
|
|
|
compiler and the runtime.
|
|
|
|
Refs boo#1200441 go1.19 release tracking
|
|
|
|
CVE-2022-41716
|
|
|
|
* go#56328 boo#1204941 security: fix CVE-2022-41716 syscall, os/exec: unsanitized NUL in environment variables
|
|
|
|
* go#56309 runtime: "runtime·lock: lock count" fatal error when cgo is enabled
|
|
|
|
* go#56168 cmd/compile: libFuzzer instrumentation fakePC overflow on 386 arch
|
|
|
|
* go#56106 internal/fuzz: array literal initialization causes ICE "unhandled stmt ASOP" while fuzzing
|
|
|
|
|
2022-10-05 05:00:09 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Oct 4 18:21:57 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- go1.19.2 (released 2022-10-04) includes security fixes to the
|
|
|
|
archive/tar, net/http/httputil, and regexp packages, as well as
|
|
|
|
bug fixes to the compiler, the linker, the runtime, and the
|
|
|
|
go/types package.
|
|
|
|
Refs boo#1200441 go1.19 release tracking
|
|
|
|
CVE-2022-41715 CVE-2022-2879 CVE-2022-2880
|
|
|
|
* go#55951 boo#1204023 security: fix CVE-2022-41715 regexp/syntax: limit memory used by parsing regexps
|
|
|
|
* go#55926 boo#1204024 security: fix CVE-2022-2879 archive/tar: unbounded memory consumption when reading headers
|
|
|
|
* go#55843 boo#1204025 security: fix CVE-2022-2880 net/http/httputil: ReverseProxy should not forward unparseable query parameters
|
|
|
|
* go#55270 cmd/compile: internal compiler error: method Len on *uint8 not found
|
|
|
|
* go#55152 cmd/compile: typebits.Set: invalid initial alignment: type Peer has alignment 8, but offset is 4
|
|
|
|
* go#55149 go/types: no way to construct the signature of append(s, "string"...) via the API
|
|
|
|
* go#55124 fatal error: bulkBarrierPreWrite: unaligned arguments (go 1.19.1, looks like regression)
|
|
|
|
* go#55114 cmd/link: new darwin linker warning on -pagezero_size and -no_pie deprecation
|
|
|
|
* go#54917 cmd/compile: Value live at entry
|
|
|
|
* go#54764 runtime/cgo(.text): unknown symbol __stack_chk_fail_local in pcrel (regression in 1.19 when building for i686)
|
|
|
|
|
2022-08-23 01:38:27 +02:00
|
|
|
-------------------------------------------------------------------
|
2022-09-07 03:10:33 +02:00
|
|
|
Tue Sep 6 19:24:28 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- go1.19.1 (released 2022-09-06) includes security fixes to the
|
|
|
|
net/http and net/url packages, as well as bug fixes to the
|
|
|
|
compiler, the go command, the pprof command, the linker, the
|
|
|
|
runtime, and the crypto/tls and crypto/x509 packages.
|
|
|
|
Refs boo#1200441 go1.19 release tracking
|
|
|
|
CVE-2022-27664 CVE-2022-32190
|
|
|
|
* go#54376 bsc#1203185 CVE-2022-27664 net/http: handle server errors after sending GOAWAY
|
|
|
|
* go#54635 bsc#1203186 CVE-2022-32190 net/url: JoinPath doesn't strip relative path components in all circumstances
|
|
|
|
* go#54736 cmd/go: cannot find package when importing dependencies with the unix build constraint
|
|
|
|
* go#54734 cmd/go: git fetch errors dropped when producing pseudo-versions for commits
|
|
|
|
* go#54726 cmd/compile: compile failed with "Value live at entry"
|
|
|
|
* go#54697 cmd/compile: ICE at composite literal assignment with alignment > PtrSize
|
|
|
|
* go#54675 runtime: morestack_noctxt missing SPWRITE, causes "traceback stuck" assert
|
|
|
|
* go#54665 runtime: segfault running ppc64/linux binaries with kernel 5.18
|
|
|
|
* go#54660 cmd/go: go test -race does not set implicit race build tag
|
|
|
|
* go#54643 crypto/tls: support ECDHE key exchanges when ec_point_formats is missing in ClientHello extension
|
|
|
|
* go#54637 cmd/go: data race in TestScript
|
|
|
|
* go#54633 cmd/go/internal/modfetch/codehost: racing writes to Origin fields
|
|
|
|
* go#54629 cmd/compile: miscompilation of partially-overlapping array assignments
|
|
|
|
* go#54420 cmd/pprof: graphviz node names are funny with generics
|
|
|
|
* go#54406 cmd/link: trampoline insertion breaks DWARF Line Program Table output on Darwin/ARM64
|
|
|
|
* go#54309 cmd/compile: internal compiler error: panic: runtime error: invalid memory address or nil pointer dereference
|
|
|
|
* go#54295 crypto/x509: panics on invalid curve instead of returning error
|
|
|
|
* go#54243 cmd/compile: internal compiler error when compiling code with unbound method of generic type
|
|
|
|
* go#54239 misc/cgo: TestSignalForwardingExternal sometimes fails with wrong signal SIGINT
|
|
|
|
* go#54235 cmd/compile: internal compiler error of atomic type and offsetof
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2022-08-23 01:38:27 +02:00
|
|
|
Mon Aug 22 20:44:19 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- Define go_bootstrap_version go1.16 without suse_version checks
|
|
|
|
- Simplify conditional gcc_go_version 12 on Tumbleweed, 11 elsewhere
|
|
|
|
- Add _constraints for worker disk space 5G needed by SLE-15 x86_64
|
|
|
|
- SLE-12 s390x use bcond_without gccgo to bootstrap using gcc11go
|
|
|
|
* Workaround for SLE-12 s390x build error while writing linker data:
|
|
|
|
bad carrier sym for symbol crypto/internal/nistec.p256OrdMul.args_stackmap
|
|
|
|
created by cmd/link/internal/ld.writeBlocks
|
|
|
|
/usr/lib64/go/1.19/src/cmd/link/internal/ld/data.go:958
|
|
|
|
|
2022-08-19 21:57:35 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Aug 19 17:53:40 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
|
|
|
|
2022-08-23 01:38:27 +02:00
|
|
|
- Bootstrap using go1.16 on SLE-15 and newer. go1.16 is
|
|
|
|
bootstrapped using gcc-go 11 or 12. This allows dropping older
|
|
|
|
versions of Go from Factory.
|
2022-08-19 21:57:35 +02:00
|
|
|
|
2022-08-09 22:25:31 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Aug 9 05:56:23 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- Rebase gcc-go.patch onto upstream changes in go/src/make.bash and
|
|
|
|
go/src/make.rc. Used for SLE-12 go bootstrap builds with gcc8.
|
|
|
|
|
2022-08-09 00:14:54 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Aug 2 17:19:11 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- go1.19 (released 2022-08-02) is a major release of Go.
|
|
|
|
go1.19.x minor releases will be provided through August 2023.
|
|
|
|
https://github.com/golang/go/wiki/Go-Release-Cycle
|
|
|
|
go1.19 arrives five months after go1.18. Most of its changes are
|
|
|
|
in the implementation of the toolchain, runtime, and libraries.
|
|
|
|
As always, the release maintains the Go 1 promise of
|
|
|
|
compatibility. We expect almost all Go programs to continue to
|
|
|
|
compile and run as before.
|
|
|
|
Refs boo#1200441 go1.19 release tracking
|
|
|
|
* See release notes https://golang.org/doc/go1.19. Excerpts
|
|
|
|
relevant to OBS environment and for SUSE/openSUSE follow:
|
|
|
|
* There is only one small change to the language, a very small
|
|
|
|
correction to the scope of type parameters in method
|
|
|
|
declarations. Existing programs are unaffected.
|
|
|
|
* The Go memory model has been revised to align Go with the
|
|
|
|
memory model used by C, C++, Java, JavaScript, Rust, and
|
|
|
|
Swift. Go only provides sequentially consistent atomics, not
|
|
|
|
any of the more relaxed forms found in other languages. Along
|
|
|
|
with the memory model update, Go 1.19 introduces new types in
|
|
|
|
the sync/atomic package that make it easier to use atomic
|
|
|
|
values, such as atomic.Int64 and atomic.Pointer[T].
|
|
|
|
* go1.19 adds support for the Loongson 64-bit architecture
|
|
|
|
LoongArch on Linux (GOOS=linux, GOARCH=loong64). The ABI
|
|
|
|
implemented is LP64D. Minimum kernel version supported is 5.19.
|
|
|
|
* The riscv64 port now supports passing function arguments and
|
|
|
|
result using registers. Benchmarking shows typical performance
|
|
|
|
improvements of 10% or more on riscv64.
|
|
|
|
* Go 1.19 adds support for links, lists, and clearer headings in
|
|
|
|
doc comments. As part of this change, gofmt now reformats doc
|
|
|
|
comments to make their rendered meaning clearer. See "Go Doc
|
|
|
|
Comments" for syntax details and descriptions of common
|
|
|
|
mistakes now highlighted by gofmt. As another part of this
|
|
|
|
change, the new package go/doc/comment provides parsing and
|
|
|
|
reformatting of doc comments as well as support for rendering
|
|
|
|
them to HTML, Markdown, and text.
|
|
|
|
* The new build constraint "unix" is now recognized in //go:build
|
|
|
|
lines. The constraint is satisfied if the target operating
|
|
|
|
system, also known as GOOS, is a Unix or Unix-like system. For
|
|
|
|
the 1.19 release it is satisfied if GOOS is one of aix,
|
|
|
|
android, darwin, dragonfly, freebsd, hurd, illumos, ios, linux,
|
|
|
|
netbsd, openbsd, or solaris. In future releases the unix
|
|
|
|
constraint may match additional newly supported operating
|
|
|
|
systems.
|
|
|
|
* The -trimpath flag, if set, is now included in the build
|
|
|
|
settings stamped into Go binaries by go build, and can be
|
|
|
|
examined using go version -m or debug.ReadBuildInfo.
|
|
|
|
* go generate now sets the GOROOT environment variable explicitly
|
|
|
|
in the generator's environment, so that generators can locate
|
|
|
|
the correct GOROOT even if built with -trimpath.
|
|
|
|
* go test and go generate now place GOROOT/bin at the beginning
|
|
|
|
of the PATH used for the subprocess, so tests and generators
|
|
|
|
that execute the go command will resolve it to same GOROOT.
|
|
|
|
* go env now quotes entries that contain spaces in the
|
|
|
|
CGO_CFLAGS, CGO_CPPFLAGS, CGO_CXXFLAGS, CGO_FFLAGS,
|
|
|
|
CGO_LDFLAGS, and GOGCCFLAGS variables it reports.
|
|
|
|
* go list -json now accepts a comma-separated list of JSON fields
|
|
|
|
to populate. If a list is specified, the JSON output will
|
|
|
|
include only those fields, and go list may avoid work to
|
|
|
|
compute fields that are not included. In some cases, this may
|
|
|
|
suppress errors that would otherwise be reported.
|
|
|
|
* The go command now caches information necessary to load some
|
|
|
|
modules, which should result in a speed-up of some go list
|
|
|
|
invocations.
|
|
|
|
* The vet checker "errorsas" now reports when errors.As is called
|
|
|
|
with a second argument of type *error, a common mistake.
|
|
|
|
* The runtime now includes support for a soft memory limit. This
|
|
|
|
memory limit includes the Go heap and all other memory managed
|
|
|
|
by the runtime, and excludes external memory sources such as
|
|
|
|
mappings of the binary itself, memory managed in other
|
|
|
|
languages, and memory held by the operating system on behalf of
|
|
|
|
the Go program. This limit may be managed via
|
|
|
|
runtime/debug.SetMemoryLimit or the equivalent GOMEMLIMIT
|
|
|
|
environment variable. The limit works in conjunction with
|
|
|
|
runtime/debug.SetGCPercent / GOGC, and will be respected even
|
|
|
|
if GOGC=off, allowing Go programs to always make maximal use of
|
|
|
|
their memory limit, improving resource efficiency in some
|
|
|
|
cases.
|
|
|
|
* In order to limit the effects of GC thrashing when the
|
|
|
|
program's live heap size approaches the soft memory limit, the
|
|
|
|
Go runtime also attempts to limit total GC CPU utilization to
|
|
|
|
50%, excluding idle time, choosing to use more memory over
|
|
|
|
preventing application progress. In practice, we expect this
|
|
|
|
limit to only play a role in exceptional cases, and the new
|
|
|
|
runtime metric /gc/limiter/last-enabled:gc-cycle reports when
|
|
|
|
this last occurred.
|
|
|
|
* The runtime now schedules many fewer GC worker goroutines on
|
|
|
|
idle operating system threads when the application is idle
|
|
|
|
enough to force a periodic GC cycle.
|
|
|
|
* The runtime will now allocate initial goroutine stacks based on
|
|
|
|
the historic average stack usage of goroutines. This avoids
|
|
|
|
some of the early stack growth and copying needed in the
|
|
|
|
average case in exchange for at most 2x wasted space on
|
|
|
|
below-average goroutines.
|
|
|
|
* On Unix operating systems, Go programs that import package os
|
|
|
|
now automatically increase the open file limit (RLIMIT_NOFILE)
|
|
|
|
to the maximum allowed value; that is, they change the soft
|
|
|
|
limit to match the hard limit. This corrects artificially low
|
|
|
|
limits set on some systems for compatibility with very old C
|
|
|
|
programs using the select system call. Go programs are not
|
|
|
|
helped by that limit, and instead even simple programs like
|
|
|
|
gofmt often ran out of file descriptors on such systems when
|
|
|
|
processing many files in parallel. One impact of this change is
|
|
|
|
that Go programs that in turn execute very old C programs in
|
|
|
|
child processes may run those programs with too high a
|
|
|
|
limit. This can be corrected by setting the hard limit before
|
|
|
|
invoking the Go program.
|
|
|
|
* Unrecoverable fatal errors (such as concurrent map writes, or
|
|
|
|
unlock of unlocked mutexes) now print a simpler traceback
|
|
|
|
excluding runtime metadata (equivalent to a fatal panic) unless
|
|
|
|
GOTRACEBACK=system or crash. Runtime-internal fatal error
|
|
|
|
tracebacks always include full metadata regardless of the value
|
|
|
|
of GOTRACEBACK
|
|
|
|
* Support for debugger-injected function calls has been added on
|
|
|
|
ARM64, enabling users to call functions from their binary in an
|
|
|
|
interactive debugging session when using a debugger that is
|
|
|
|
updated to make use of this functionality.
|
|
|
|
* The address sanitizer support added in Go 1.18 now handles
|
|
|
|
function arguments and global variables more precisely.
|
|
|
|
* The compiler now uses a jump table to implement large integer
|
|
|
|
and string switch statements. Performance improvements for the
|
|
|
|
switch statement vary but can be on the order of 20%
|
|
|
|
faster. (GOARCH=amd64 and GOARCH=arm64 only)
|
|
|
|
* The Go compiler now requires the -p=importpath flag to build a
|
|
|
|
linkable object file. This is already supplied by the go
|
|
|
|
command and by Bazel. Any other build systems that invoke the
|
|
|
|
Go compiler directly will need to make sure they pass this flag
|
|
|
|
as well.
|
|
|
|
* The Go compiler no longer accepts the -importmap flag. Build
|
|
|
|
systems that invoke the Go compiler directly must use the
|
|
|
|
-importcfg flag instead.
|
|
|
|
* Like the compiler, the assembler now requires the -p=importpath
|
|
|
|
flag to build a linkable object file. This is already supplied
|
|
|
|
by the go command. Any other build systems that invoke the Go
|
|
|
|
assembler directly will need to make sure they pass this flag
|
|
|
|
as well.
|
|
|
|
* Command and LookPath no longer allow results from a PATH search
|
|
|
|
to be found relative to the current directory. This removes a
|
|
|
|
common source of security problems but may also break existing
|
|
|
|
programs that depend on using, say, exec.Command("prog") to run
|
|
|
|
a binary named prog (or, on Windows, prog.exe) in the current
|
|
|
|
directory. See the os/exec package documentation for
|
|
|
|
information about how best to update such programs.
|
|
|
|
* On Windows, Command and LookPath now respect the
|
|
|
|
NoDefaultCurrentDirectoryInExePath environment variable, making
|
|
|
|
it possible to disable the default implicit search of “.” in
|
|
|
|
PATH lookups on Windows systems.
|
|
|
|
* crypto/elliptic: Operating on invalid curve points (those for
|
|
|
|
which the IsOnCurve method returns false, and which are never
|
|
|
|
returned by Unmarshal or by a Curve method operating on a valid
|
|
|
|
point) has always been undefined behavior and can lead to key
|
|
|
|
recovery attacks. If an invalid point is supplied to Marshal,
|
|
|
|
MarshalCompressed, Add, Double, or ScalarMult, they will now
|
|
|
|
panic. ScalarBaseMult operations on the P224, P384, and P521
|
|
|
|
curves are now up to three times faster, leading to similar
|
|
|
|
speedups in some ECDSA operations. The generic (not platform
|
|
|
|
optimized) P256 implementation was replaced with one derived
|
|
|
|
from a formally verified model; this might lead to significant
|
|
|
|
slowdowns on 32-bit platforms.
|
|
|
|
* crypto/rand: Read no longer buffers random data obtained from
|
|
|
|
the operating system between calls. Applications that perform
|
|
|
|
many small reads at high frequency might choose to wrap Reader
|
|
|
|
in a bufio.Reader for performance reasons, taking care to use
|
|
|
|
io.ReadFull to ensure no partial reads occur. The Prime
|
|
|
|
implementation was changed to use only rejection sampling,
|
|
|
|
which removes a bias when generating small primes in
|
|
|
|
non-cryptographic contexts, removes one possible minor timing
|
|
|
|
leak, and better aligns the behavior with BoringSSL, all while
|
|
|
|
simplifying the implementation. The change does produce
|
|
|
|
different outputs for a given random source stream compared to
|
|
|
|
the previous implementation, which can break tests written
|
|
|
|
expecting specific results from specific deterministic random
|
|
|
|
sources. To help prevent such problems in the future, the
|
|
|
|
implementation is now intentionally non-deterministic with
|
|
|
|
respect to the input stream.
|
|
|
|
* crypto/tls: The GODEBUG option tls10default=1 has been
|
|
|
|
removed. It is still possible to enable TLS 1.0 client-side by
|
|
|
|
setting Config.MinVersion. The TLS server and client now reject
|
|
|
|
duplicate extensions in TLS handshakes, as required by RFC
|
|
|
|
5246, Section 7.4.1.4 and RFC 8446, Section 4.2.
|
|
|
|
* crypto/x509: CreateCertificate no longer supports creating
|
|
|
|
certificates with SignatureAlgorithm set to
|
|
|
|
MD5WithRSA. CreateCertificate no longer accepts negative serial
|
|
|
|
numbers. CreateCertificate will not emit an empty SEQUENCE
|
|
|
|
anymore when the produced certificate has no
|
|
|
|
extensions. ParseCertificate and ParseCertificateRequest now
|
|
|
|
reject certificates and CSRs which contain duplicate
|
|
|
|
extensions. The new CertPool.Clone and CertPool.Equal methods
|
|
|
|
allow cloning a CertPool and checking the equivalence of two
|
|
|
|
CertPools respectively. The new function ParseRevocationList
|
|
|
|
provides a faster, safer to use CRL parser which returns a
|
|
|
|
RevocationList. Parsing a CRL also populates the new
|
|
|
|
RevocationList fields RawIssuer, Signature, AuthorityKeyId, and
|
|
|
|
Extensions, which are ignored by CreateRevocationList. The new
|
|
|
|
method RevocationList.CheckSignatureFrom checks that the
|
|
|
|
signature on a CRL is a valid signature from a Certificate. The
|
|
|
|
ParseCRL and ParseDERCRL functions are now deprecated in favor
|
|
|
|
of ParseRevocationList. The Certificate.CheckCRLSignature
|
|
|
|
method is deprecated in favor of
|
|
|
|
RevocationList.CheckSignatureFrom. The path builder of
|
|
|
|
Certificate.Verify was overhauled and should now produce better
|
|
|
|
chains and/or be more efficient in complicated scenarios. Name
|
|
|
|
constraints are now also enforced on non-leaf certificates.
|
|
|
|
* crypto/x509/pkix: The types CertificateList and
|
|
|
|
TBSCertificateList have been deprecated. The new crypto/x509
|
|
|
|
CRL functionality should be used instead.
|
|
|
|
* debug/elf: The new EM_LOONGARCH and R_LARCH_* constants support
|
|
|
|
the loong64 port.
|
|
|
|
* debug/pe: The new File.COFFSymbolReadSectionDefAux method,
|
|
|
|
which returns a COFFSymbolAuxFormat5, provides access to COMDAT
|
|
|
|
information in PE file sections. These are supported by new
|
|
|
|
IMAGE_COMDAT_* and IMAGE_SCN_* constants.
|
|
|
|
* runtime: The GOROOT function now returns the empty string
|
|
|
|
(instead of "go") when the binary was built with the -trimpath
|
|
|
|
flag set and the GOROOT variable is not set in the process
|
|
|
|
environment.
|
|
|
|
* runtime/metrics: The new /sched/gomaxprocs:threads metric
|
|
|
|
reports the current runtime.GOMAXPROCS value. The new
|
|
|
|
/cgo/go-to-c-calls:calls metric reports the total number of
|
|
|
|
calls made from Go to C. This metric is identical to the
|
|
|
|
runtime.NumCgoCall function. The new
|
|
|
|
/gc/limiter/last-enabled:gc-cycle metric reports the last GC
|
|
|
|
cycle when the GC CPU limiter was enabled. See the runtime
|
|
|
|
notes for details about the GC CPU limiter.
|
|
|
|
* runtime/pprof: Stop-the-world pause times have been
|
|
|
|
significantly reduced when collecting goroutine profiles,
|
|
|
|
reducing the overall latency impact to the application. MaxRSS
|
|
|
|
is now reported in heap profiles for all Unix operating systems
|
|
|
|
(it was previously only reported for GOOS=android, darwin, ios,
|
|
|
|
and linux).
|
|
|
|
* runtime/race: The race detector has been upgraded to use thread
|
|
|
|
sanitizer version v3 on all supported platforms except
|
|
|
|
windows/amd64 and openbsd/amd64, which remain on v2. Compared
|
|
|
|
to v2, it is now typically 1.5x to 2x faster, uses half as much
|
|
|
|
memory, and it supports an unlimited number of goroutines. On
|
|
|
|
Linux, the race detector now requires at least glibc version
|
|
|
|
2.17 and GNU binutils 2.26. The race detector is now supported
|
|
|
|
on GOARCH=s390x. Race detector support for openbsd/amd64 has
|
|
|
|
been removed from thread sanitizer upstream, so it is unlikely
|
|
|
|
to ever be updated from v2.
|
|
|
|
* runtime/trace: When tracing and the CPU profiler are enabled
|
|
|
|
simultaneously, the execution trace includes CPU profile
|
|
|
|
samples as instantaneous events.
|
|
|
|
* syscall: On PowerPC (GOARCH=ppc64, ppc64le), Syscall, Syscall6,
|
|
|
|
RawSyscall, and RawSyscall6 now always return 0 for return
|
|
|
|
value r2 instead of an undefined value. On AIX and Solaris,
|
|
|
|
Getrusage is now defined.
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jul 12 23:39:16 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- go1.19rc2 (released 2022-07-12) is a release candidate version of
|
|
|
|
go1.19 cut from the master branch at the revision tagged
|
|
|
|
go1.19rc2.
|
|
|
|
Refs boo#1200441 go1.19 release tracking
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Wed Jul 6 21:40:49 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- go1.19rc1 (released 2022-07-06) is a release candidate version of
|
|
|
|
go1.19 cut from the master branch at the revision tagged
|
|
|
|
go1.19rc1.
|
|
|
|
Refs boo#1200441 go1.19 release tracking
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 14 20:00:43 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- Trace viewer html and javascript files moved from misc/trace in
|
|
|
|
previous versions to src/cmd/trace/static in go1.19.
|
|
|
|
* Added files with mode 0644:
|
|
|
|
/usr/share/go/1.19/src/cmd/trace/static
|
|
|
|
/usr/share/go/1.19/src/cmd/trace/static/README.md
|
|
|
|
/usr/share/go/1.19/src/cmd/trace/static/trace_viewer_full.html
|
|
|
|
/usr/share/go/1.19/src/cmd/trace/static/webcomponents.min.js
|
|
|
|
|
2022-06-11 03:08:58 +02:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Fri Jun 10 20:39:05 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
|
|
|
|
|
|
|
- go1.19beta1 (released 2022-06-10) is a beta version of go1.19 cut
|
|
|
|
from the master branch at the revision tagged go1.19beta1.
|
|
|
|
Refs boo#1200441 go1.19 release tracking
|