Add reproducible.patch to avoid build-time race (boo#1102408)

Workaround variations in build results between -j1 and -j4 builds.

Compilation time on 4-core VM increases from 211 to 322 seconds,
while 1-core VM remains at 519 s.

This patch applies to go1.15, go1.14 and go1.13 packages. (forwarded request 1167936 from bmwiedemann)

• Files Changed
• Browse Source

Prepare for RPM 4.20 (forwarded request 1152223 from dimstar)

• Files Changed
• Browse Source

- go1.14.15 (released 2021-02-04) includes fixes to the compiler,
  runtime, the go command, and the net/http package.
  Refs boo#1164903 go1.14 release tracking
  * go#43859 cmd/go: handle space in path to C compiler
  * go#43796 cmd/go: TestScript/mod_get_fallback relies on x/tools not being tagged
  * go#43792 internal/execabs: disable tests on js-wasm
  * go#43574 cmd/compile: 32-bit random data corruption
  * go#43405 x/mobile/cmd/gomobile: gomobile build on simple program returns "ld: error: duplicate symbol: x_cgo_inittls"
  * go#42586 net/http: race in http2Transport (forwarded request 869615 from jfkw)

• Files Changed
• Browse Source

- go1.14.14 (released 2021-01-19) includes security fixes to the
  cmd/go and crypto/elliptic packages.
  CVE-2021-3114 CVE-2021-3115
  Refs boo#1164903 go1.14 release tracking
  * boo#1181145 CVE-2021-3114
  * go#43787 crypto/elliptic: incorrect operations on the P-224 curve
  * boo#1181146 CVE-2021-3115
  * go#43784 cmd/go: packages using cgo can cause arbitrary code execution on Windows (forwarded request 864484 from jfkw)

• Files Changed
• Browse Source

- go1.14.13 (released 2020-12-03) includes fixes to the compiler,
  runtime, and the go command.
  Refs boo#1164903 go1.14 release tracking
  * go#42755 cmd/compile: ICE due to bad ORL constant
  * go#42635 runtime: infinite loop in lockextra on linux/amd64
  * go#42566 cmd/go: allow flags in CGO_LDFLAGS environment variable not in security allowlist

• Files Changed
• Browse Source

- go1.14.12 (released 2020-11-12) includes security fixes to the
  cmd/go and math/big packages.
  CVE-2020-28362 CVE-2020-28367 CVE-2020-28366
  Refs boo#1164903 go1.14 release tracking
  * boo#1178750 CVE-2020-28362
  * go#42553 math/big: panic during recursive division of very large numbers
  * boo#1178752 CVE-2020-28367
  * go#42560 cmd/go: arbitrary code can be injected into cgo generated files
  * boo#1178753 CVE-2020-28366
  * go#42557 cmd/go: improper validation of cgo flags can lead to remote code execution at build time (forwarded request 848226 from jfkw)

• Files Changed
• Browse Source

- go1.14.11 (released 2020-11-05) includes fixes to the runtime,
  and the net/http and time packages.
  Refs boo#1164903 go1.14 release tracking
  * go#42155 time: Location interprets wrong timezone (DST) with slim zoneinfo
  * go#42112 x/net/http2: the first write error on a connection will cause all subsequent write requests to fail blindly
  * go#41991 runtime: macOS-only segfault on 1.14+ with "split stack overflow"
  * go#41913 net/http: request.Clone doesn't deep copy TransferEncoding
  * go#41703 runtime: macOS syscall.Exec can get SIGILL due to preemption signal
  * go#41386 x/net/http2: connection-level flow control not returned if stream errors, causes server hang (forwarded request 846530 from jfkw)

• Files Changed
• Browse Source

- go1.14.10 (released 2020-10-14) includes fixes to the compiler,
  runtime, and the plugin and testing packages.
  * go#41815 database/sql: TestTxCannotCommitAfterRollback failures on windows-amd64-2008 builder
  * go#41796 runtime: memory corruption from stack-allocated defer on 32-bit
  * go#41619 memory corruption on linux/386 with float32 arithmetic, GO386=387, buildmode pie/c-archive
  * go#41322 runtime: "fatal error: unexpected signal during runtime execution" on windows-amd64-longtest builder of Go 1.15.2 commit
  * go#40880 testing: summary and test output interleaved
  * go#40694 plugin: program on linux/s390x sometimes hangs after calling "plugin.Open"
  * go#40647 runtime: pcdata is -2 and 12 locals stack map entries error on nil pointer
  * go#40642 runtime: race between stack shrinking and channel send/recv leads to bad sudog values (forwarded request 841835 from jfkw)

• Files Changed
• Browse Source

- go1.14.9 (released 2020-09-09) includes fixes to the compiler,
  linker, runtime, documentation, and the net/http and testing
  packages.
  Refs boo#1164903 go1.14 release tracking
  * go#41192 net/http/fcgi: race detected during execution of TestResponseWriterSniffsContentType test
  * go#41016 net/http: Transport.CancelRequest no longer cancels in-flight request
  * go#40973 net/http: RoundTrip unexpectedly changes Request
  * go#40968 runtime: checkptr incorrectly -race flagging when using &^ arithmetic
  * go#40938 cmd/compile: R12 can be clobbered for write barrier call on PPC64
  * go#40848 testing: "=== PAUSE" lines do not change the test name for the next log line
  * go#40797 cmd/compile: inline marker targets not reachable after assembly on arm
  * go#40766 cmd/compile: inline marker targets not reachable after assembly on ppc64x
  * go#40501 cmd/compile: for range loop reading past slice end
  * go#40411 runtime: Windows service lifecycle events behave incorrectly when called within a golang environment
  * go#40398 runtime: fatal error: checkdead: runnable g
  * go#40192 runtime: pageAlloc.searchAddr may point to unmapped memory in discontiguous heaps, violating its invariant
  * go#39955 cmd/link: incorrect GC bitmap when global's type is in another shared object
  * go#39690 cmd/compile: s390x floating point <-> integer conversions clobbering the condition code
  * go#39279 net/http: Re-connect with upgraded HTTP2 connection fails to send Request.body
  * go#38904 doc: include fix for #34437 in Go 1.14 release notes
- Use go_api instead of version for update-alternatives priority
- Add missing '?' before 'suse_version' test by Xia Lei <emricg2@gmail.com>

- replace binutils-gold requires by recommends for aarch64 on SLE. (bsc#1170826) (forwarded request 833830 from jfkw)

• Files Changed
• Browse Source

- go1.14.8 (released 2020-09-01) includes security fixes to the
  net/http/cgi, net/http/fcgi packages.
  CVE-2020-24553
  Refs boo#1164903 go1.14 release tracking
  * boo#1176031 CVE-2020-24553
  * go#41164 net/http/cgi,net/http/fcgi: Cross-Site Scripting (XSS) when Content-Type is not specified (forwarded request 831301 from jfkw)

• Files Changed
• Browse Source

- go1.14.7 (released 2020-08-06) includes security fixes to the
  encoding/binary package.
  CVE-2020-16845
  Refs boo#1164903 go1.14 release tracking
  * boo#1174977 CVE-2020-16845
  * go#40619 encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (forwarded request 824740 from jfkw)

• Files Changed
• Browse Source

Update to go1.14.6 addressing security CVEs. Improve packaging with
incrementing update-alternatives priority. Use %license tag. Rename
go1.x-prefer-etc-hosts-over-dns.patch and add info per packaging guidelines in
preparation for submit to SUSE. Remove %defattr(-,root,root,-) in %files

• Files Changed
• Browse Source

- Add Prefer-etc-hosts-over-DNS.patch to ensure /etc/hosts is used if /etc/nsswitch.conf is not present boo#1172868 gh#golang/go#35305 (forwarded request 814159 from RBrownSUSE)

• Files Changed
• Browse Source

- go1.14.4 (released 2020-06-01) includes fixes to the go doc command,
  the runtime, and the encoding/json and os packages.
  Refs boo#1164903 go1.14 release tracking
  * go#39158 os: opening an existing file with O_CREATE|O_TRUNC and permission 0 changes file to be read-only on Windows
  * go#38993 cmd/doc: -src flag misbehaves on some systems
  * go#38933 runtime: preemption in startTemplateThread may cause infinite hang
  * go#38178 encoding/json: marshal result of string type struct field with ",string" option change in go1.14
  * go#38106 encoding/json: mangled unmarshal string result (forwarded request 813061 from jfkw)

• Files Changed
• Browse Source

- Requires binutils-gold for %arm and aarch64 - boo#1170826 (forwarded request 798920 from Guillaume_G)

• Files Changed
• Browse Source

- go1.14.2 (released 2020-04-08) includes fixes to cgo, the go command,
  the runtime, os/exec, and testing packages.
  Refs boo#1164903 go1.14 release tracking
  * go#38156 doc: BuildNameToCertificate deprecated in go 1.14 not mentioned in the release notes
  * go#38118 runtime/pprof: lostProfileEvent stack breaks gentraceback guarantee
  * go#38083 cmd/go/internal/test: data race in (*runCache).builderRunTest
  * go#38072 runtime: timer self-deadlock due to preemption point
  * go#38051 runtime: loops forever on sched_yield sometimes(timer related)
  * go#38005 runtime: "pipe failed with -89" at program startup(mipsle only), timer related netpoll init.
  * go#37970 runtime/pprof: panic: runtime error: index out of range [-1]
  * go#37968 runtime: fatal error: found bad pointer in Go heap (incorrect use of unsafe or cgo?)
  * go#37959 testing: data race between parallel panicking and normal subtest
  * go#37931 cmd/go: explain automatic vendoring in 'go help modules'
  * go#37928 runtime: GC pacing exhibits strange behavior with a low GOGC
  * go#37800 cmd/go: 'Access is denied' when renaming module cache directory
  * go#37699 PowerRegisterSuspendResumeNotification error on Azure App Services with go 1.13.7
  * go#37622 cmd/cgo: fails to generate certain types with Go 1.14
  * go#37480 runtime: "fatal error: unexpected signal" 0xC0000005 on Windows for a small program with a large allocation
  * go#37471 os/exec: environForSysProcAttr is never called as sysattr.Env is never nil (forwarded request 792591 from jfkw)

• Files Changed
• Browse Source

- go1.14.1 (released 2020-03-19) includes fixes to the go command,
  tools, and the runtime.
  Refs boo#1164903 go1.14 release tracking
- Packaging sync accumulated changes from go1.12
  Refs boo#1164903 go1.14 release tracking
- Use gcc9 by default by updating define gcc_go_version 9 (was 8)
  * drop unneeded patch gcc8-go.patch
- Fix broken go_api evaluation (1.12 < 1.5, when evaluated as floats),
  let RPM evaluate the expression, drop no longer required bc.
- Own the gdbinit.d directory, avoid the build dependency on gdb.
- Add %ifarch %arm aarch64 BuildRequires: binutils-gold to fix
  collect2: fatal error: cannot find 'ld'- (forwarded request 787030 from jfkw)

• Files Changed
• Browse Source

go1.14 (released 2020-02-25) is a major release of Go.
Most changes are in the implementation of the toolchain, runtime,
and libraries. As always, the release maintains the Go 1 promise
of compatibility. We expect almost all Go programs to continue to
compile and run as before.

• Browse Source