Overview Repositories Revisions Requests Users Attributes Meta

Revisions of go1.22

Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1172536 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 9) 
- go1.22.3 (released 2024-05-07) includes security fixes to the go
  command and the net package, as well as bug fixes to the
  compiler, the runtime, and the net/http package.
  Refs boo#1218424 go1.22 release tracking
  CVE-2024-24787 CVE-2024-24788
  * go#67122 go#67119 boo#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin
  * go#67040 go#66754 boo#1224018 security: fix CVE-2024-24788 net: high cpu usage in extractExtendedRCode
  * go#67018 cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le
  * go#67017 cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE
  * go#66886 runtime: deterministic fallback hashes across process boundary
  * go#66698 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net@v0.23.0 (forwarded request 1172534 from jfkw)
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1164438 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 8) 
- go1.22.2 (released 2024-04-03) includes a security fix to the
  net/http package, as well as bug fixes to the compiler, the go
  command, the linker, and the encoding/gob, go/types, net/http,
  and runtime/trace packages.
  Refs boo#1218424 go1.22 release tracking
  CVE-2023-45288
  * go#66298 go#65051 boo#1221400 security: fix CVE-2023-45288 net/http, x/net/http2: close connections when receiving too many headers
  * go#65858 cmd/compile: unreachable panic with GODEBUG=gotypesalias=1
  * go#66060 cmd/link: RISC-V external link, failed to find text symbol for HI20 relocation
  * go#66076 cmd/compile: out-of-bounds panic with uint32 conversion and modulus operation in Go 1.22.0 on arm64
  * go#66134 cmd/compile: go test . results in CLOSURE ... <unknown line number>: internal compiler error: assertion failed
  * go#66137 cmd/go: go 1.22.0: go test throws errors when processing folders not listed in coverpkg argument
  * go#66178 cmd/compile: ICE: panic: interface conversion: ir.Node is *ir.ConvExpr, not *ir.IndexExpr
  * go#66201 runtime/trace: v2 traces contain an incorrect timestamp scaling factor on Windows
  * go#66255 net/http: http2 round tripper nil pointer dereference causes panic causing deadlock
  * go#66256 cmd/go: git shallow fetches broken at CL 556358
  * go#66273 crypto/x509: Certificate no longer encodable using encoding/gob in Go1.22
  * go#66412 cmd/link: bad carrier sym for symbol runtime.elf_savegpr0.args_stackmap on ppc64le (forwarded request 1164436 from jfkw)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1155403 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 7) 
- go1.22.1 (released 2024-03-05) includes security fixes to the
  crypto/x509, html/template, net/http, net/http/cookiejar, and
  net/mail packages, as well as bug fixes to the compiler, the go
  command, the runtime, the trace command, and the go/types and
  net/http packages.
  Refs boo#1218424 go1.22 release tracking
  CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785
  * go#65831 go#65390 boo#1220999 security: fix CVE-2024-24783 crypto/x509: Verify panics on certificates with an unknown public key algorithm
  * go#65849 go#65083 boo#1221002 security: fix CVE-2024-24784 net/mail: comments in display names are incorrectly handled
  * go#65850 go#65383 boo#1221001 security: fix CVE-2023-45290 net/http: memory exhaustion in Request.ParseMultipartForm
  * go#65859 go#65065 boo#1221000 security: fix CVE-2023-45289 net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
  * go#65969 go#65697 boo#1221003 security: fix CVE-2024-24785 html/template: errors returned from MarshalJSON methods may break template escaping
  * go#65352 cmd/go: go generate fails silently when run on a package in a nested workspace module
  * go#65471 internal/testenv: TestHasGoBuild failures on the LUCI noopt builders
  * go#65474 internal/testenv: support LUCI mobile builders in testenv tests
  * go#65577 cmd/trace/v2: goroutine analysis page doesn't identify goroutines consistently
  * go#65618 cmd/compile: Go 1.22 build fails with 1.21 PGO profile on internal/saferio change
  * go#65619 cmd/compile: Go 1.22 changes support for modules that declare go 1.0
  * go#65641 cmd/cgo/internal/testsanitizers,x/build: LUCI clang15 builders failing
  * go#65644 runtime: crash in race detector when execution tracer reads from CPU profile buffer
  * go#65728 go/types: nil pointer dereference in Alias.Underlying()
  * go#65759 net/http: context cancellation can leave HTTP client with deadlocked HTTP/1.1 connections in Go1.22
  * go#65760 runtime: Go 1.22.0 fails to build from source on armv7 Alpine Linux
  * go#65818 runtime: go1.22.0 test with -race will SIGSEGV or SIGBUS or Bad Pointer
  * go#65852 cmd/go: "missing ziphash" error with go.work
  * go#65883 runtime: scheduler sometimes starves a runnable goroutine on wasm platforms (forwarded request 1155401 from jfkw)
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1152006 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 6) 
- Packaging improvements:
  * Use %patch -P N instead of deprecated %patchN (forwarded request 1152003 from jfkw)
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1147337 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 5) 
- Packaging improvements:
  * boo#1219988 ensure VERSION file is present in GOROOT
    as required by go tool dist and go tool distpack (forwarded request 1147334 from jfkw)
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1144766 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 4) 
- go1.22 (released 2024-02-06) is a major release of Go.
  go1.22.x minor releases will be provided through February 2024.
  https://github.com/golang/go/wiki/Go-Release-Cycle
  go1.22 arrives six months after go1.21. Most of its changes are
  in the implementation of the toolchain, runtime, and libraries.
  As always, the release maintains the Go 1 promise of
  compatibility. We expect almost all Go programs to continue to
  compile and run as before.
  Refs boo#1218424 go1.22 release tracking (forwarded request 1144765 from jfkw)
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1141357 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 3) 
- go1.22rc2 (released 2024-01-24) is a release candidate version of
  go1.22 cut from the master branch at the revision tagged
  go1.22rc2.
  Refs boo#1218424 go1.22 release tracking (forwarded request 1141356 from jfkw)
Ana Guerrero's avatar Ana Guerrero (anag+factory) accepted request 1137626 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 2) 
Fix typo Refs boo#1218424 go1.22 release tracking (forwarded request 1137625 from jfkw)
Dominique Leuenberger's avatar Dominique Leuenberger (dimstar_suse) accepted request 1136678 from Jeff Kowalczyk's avatar Jeff Kowalczyk (jfkw) (revision 1) 
New package go1.22 version rc1 submitted for testing.

Due to prjconf Prefer: go most Go application packages will only
be built with go1.22 once a subsequent SR is submitted bumping
the go metapackage to version 1.22.
Displaying all 9 revisions
openSUSE Build Service is sponsored by
Places