SHA256
1
0
forked from pool/go1.22
Commit Graph

1 Commits

Author SHA256 Message Date
Jeff Kowalczyk
31608c54c0 - go1.22.7 (released 2024-09-05) includes security fixes to the
encoding/gob, go/build/constraint, and go/parser packages, as
  well as bug fixes to the fix command and the runtime.
  Refs boo#1218424 go1.22 release tracking
  CVE-2024-34155 CVE-2024-34156 CVE-2024-34158
  - go#69142 go#69138 boo#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions (CVE-2024-34155)
  - go#69144 go#69139 boo#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode (CVE-2024-34156)
  - go#69148 go#69141 boo#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse (CVE-2024-34158)
  - go#68811 os: TestChtimes failures
  - go#68825 cmd/fix: fails to run on modules whose go directive value is in "1.n.m" format introduced in Go 1.21.0
  - go#68972 cmd/cgo: aix c-archive corrupting stack

OBS-URL: https://build.opensuse.org/package/show/devel:languages:go/go1.22?expand=0&rev=26
2024-09-05 19:07:54 +00:00