golang

Author	SHA1	Message	Date
EulerOSWander	159f203404	bugfix: fix CVE-2024-24787 Signed-off-by: EulerOSWander <314264452@qq.com>	2024-06-21 15:12:50 +08:00
Zhao Mengmeng	75945c5da0	Fix CVE-2024-24790 Backport from upstream commit: `051bdf3fd1` Signed-off-by: Zhao Mengmeng <zhaomengmeng@kylinos.cn>	2024-06-14 09:28:43 +08:00
chenguoqi	0f1da4a7e6	Fix missing go.env file	2024-06-12 10:54:39 +08:00
Huang Yang	6bf75f794e	enable external_linker and cgo on loongarch64	2024-04-18 08:13:54 +00:00
hanchao	7c72730658	backport: fix CVE-2023-45288	2024-04-16 21:41:37 +08:00
hanchao	7e7f663d4b	backport: fix CVE-2024-24784	2024-03-28 18:35:18 +08:00
hanchao	24ce46ddd0	bugfix: enabling the patching function	2024-03-28 18:35:13 +08:00
zhangwenlong01	1628c33a1f	fix build error for loongarch64 Signed-off-by: zhangwenlong01 <zhangwenlong@loongson.cn> (cherry picked from commit ab448e9c4c9ac0f334fd4fc519e73c193597fcc8)	2024-03-28 09:18:26 +08:00
hanchao	5f0e9e311b	backport: fix CVE-2024-24783,CVE-2024-24785,CVE-2023-45290,CVE-2023-45289	2024-03-15 16:41:17 +08:00
jiahua.yu	89e31d4307	Init support for arch ppc64le	2023-12-13 10:31:08 +08:00
hanchao	f514094aa2	upgrade to 1.21.4	2023-12-05 14:37:44 +08:00
wanglimin	007faac7bf	permit requests with invalid Host headers	2023-08-24 18:17:26 +08:00
root	c79107b0b3	1.20.7	2023-08-07 16:01:31 +08:00
Funda Wang	cf15318291	Use local proxy and sumdb for speed up	2023-07-31 19:55:14 +08:00
sunchendong	f494134fe5	cvefix:fix CVE-2023-29406	2023-07-24 15:46:40 +08:00
hanchao	3f8235235e	update: update to go1.20.5	2023-07-03 19:23:36 +08:00
zhangzhihui	f1b37a1aac	[Backport] fix some CVE CVE num upstream commit openEuler patch CVE-2023-29400 9db0e74f606b8afb28cc71d4b1c8b4ed24cabbf5 0016-release-branch.go1.19-html-template-emit-filterFails.patch CVE-2023-24540 ce7bd33345416e6d8cac901792060591cafc2797 0015-release-branch.go1.19-html-template-handle-all-JS-wh.patch CVE-2023-24539 e49282327b05192e46086bf25fd3ac691205fe80 0014-release-branch.go1.19-html-template-disallow-angle-b.patch CVE-2023-24538 b1e3ecfa06b67014429a197ec5e134ce4303ad9b 0013-release-branch.go1.19-html-template-disallow-actions.patch CVE-2023-24537 126a1d02da82f93ede7ce0bd8d3c51ef627f2104 0012-release-branch.go1.19-go-scanner-reject-large-line-a.patch CVE-2023-24536 7917b5f31204528ea72e0629f0b7d52b35b27538 0011-release-branch.go1.19-mime-multipart-limit-parsed-mi.patch CVE-2023-24536 7a359a651c7ebdb29e0a1c03102fce793e9f58f0 0010-release-branch.go1.19-net-textproto-mime-multipart-i.patch CVE-2023-24536 ef41a4e2face45e580c5836eaebd51629fc23f15 0009-release-branch.go1.19-mime-multipart-avoid-excessive.patch CVE-2023-24534 d6759e7a059f4208f07aa781402841d7ddaaef96 0008-release-branch.go1.19-net-textproto-avoid-overpredic.patch CVE-2023-24532 639b67ed114151c0d786aa26e7faeab942400703 0007-release-branch.go1.19-crypto-internal-nistec-reduce-.patch CVE-2022-41723 5c3e11bd0b5c0a86e5beffcd4339b86a902b21c3 0006-release-branch.go1.19-net-http-update-bundled-golang.patch CVE-2022-41724 00b256e9e3c0fa02a278ec9dfc3e191e02ceaf80 0005-release-branch.go1.19-crypto-tls-replace-all-usages-.patch CVE-2022-41725 5c55ac9bf1e5f779220294c843526536605f42ab 0004-release-branch.go1.19-mime-multipart-limit-memory-in.patch CVE-2022-41722 3345ddca41f00f9ed6fc3c1a36f6e2bede02d7ff 0003-release-branch.go1.19-path-filepath-do-not-Clean-a-..patch Signed-off-by: zhangzhihui <zhangzhihui@xfusion.com>	2023-05-10 17:38:15 +08:00
ChendongSun	6d0f92022c	fix CVE-2023-24534	2023-04-25 08:34:49 +08:00
ChendongSun	771692cd56	fix CVE-2023-24538	2023-04-13 19:41:12 +08:00
ChendongSun	eea5870153	golang: fix CVE-2023-24537	2023-04-13 13:36:11 +08:00
misaka00251	044dd36e7d	Enable go plugin support & upstream sv57 enablement for riscv64	2023-04-03 15:08:19 +08:00
hanchao	bf9ade514f	golang: upgrade to golang1.19.4	2023-01-10 19:24:04 +08:00
wanglimin	a7f58e6f18	support Cut in bytes,strings	2022-12-21 14:46:41 +08:00
hanchao	9bab37fbc7	golang: remove hard code and strong dependency of git, subversion and mercurial	2022-11-21 16:40:44 +08:00
hanchao	76ac33e67e	golang: fix CVE-2022-41716 Score: 7.5 Reference: https://go-review.googlesource.com/c/go/+/446916 Conflict: src/os/exec/exec.go;src/syscall/exec_windows.go Reason: fix CVE-2022-41716	2022-11-17 13:05:07 +08:00
hanchao	4fd46fe7b9	golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879 Score:CVE-2022-41715:4,CVE-2022-2880:5.3,CVE-2022-2879:6.2 Reference:https://go-review.googlesource.com/c/go/+/438501, https://go-review.googlesource.com/c/go/+/433695, https://go-review.googlesource.com/c/go/+/438500 Conflict:NA Reason:fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879	2022-10-12 18:24:08 +08:00
hanchao	793f4d493d	golang: fix CVE-2022-27664 Score: 7.5 Reference: https://go-review.googlesource.com/c/go/+/428635/ Conflict: NA Reason: fix CVE-2022-27664	2022-09-15 10:29:01 +08:00
hanchao	eac443ba4a	golang: modify the golang.spec to remove unnecessary files from golang-help package Reason: golang-help package include unnecessary files such as shared libs. now remove those unnecessary files.	2022-09-08 21:14:05 +08:00
hanchao	282de33531	golang: fix CVE-2022-29804,CVE-2022-29526 Score: CVE-2022-29804: 7.5, CVE-2022-29526: 5.3 Reference: https://go-review.googlesource.com/c/go/+/401595/, https://go-review.googlesource.com/c/go/+/401078/ Conflict: NA Reason: fix CVE-2022-29804,CVE-2022-29526	2022-09-08 20:04:30 +08:00
hanchao	6dd57444d5	golang: fix CVE-2022-32189 Score: 6.5 Reference: https://go-review.googlesource.com/c/go/+/419814 Conflict: NA Reason: fix CVE-2022-32189	2022-09-08 20:04:16 +08:00
hanchao	40c91388a1	golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633, CVE-2022-30635,CVE-2022-30630,CVE-2022-30632,CVE-2022-28131, CVE-2022-30631,CVE-2022-30629,CVE-2022-30634 Conflict: NA Score: CVE-2022-32148: 5.3 CVE-2022-1962: 6.2 CVE-2022-1705: 5.3 CVE-2022-30633: 6.2 CVE-2022-30635: 5.5 CVE-2022-30630: 6.2 CVE-2022-30632: 6.2 CVE-2022-28131: 6.2 CVE-2022-30631: 7.5 CVE-2022-30629: 2.6 CVE-2022-30634: 7.5 Reference: CVE-2022-32148: https://go-review.googlesource.com/c/go/+/415221 CVE-2022-1962: https://go-review.googlesource.com/c/go/+/417070 CVE-2022-1705: https://go-review.googlesource.com/c/go/+/415217 CVE-2022-30633: https://go-review.googlesource.com/c/go/+/417069 CVE-2022-30635: https://go-review.googlesource.com/c/go/+/417074 CVE-2022-30630: https://go-review.googlesource.com/c/go/+/417072 CVE-2022-30632: https://go-review.googlesource.com/c/go/+/417073 CVE-2022-28131: https://go-review.googlesource.com/c/go/+/417068 CVE-2022-30631: https://go-review.googlesource.com/c/go/+/417071 CVE-2022-30629: https://go-review.googlesource.com/c/go/+/408574 CVE-2022-30634: https://go-review.googlesource.com/c/go/+/406635 Reason: fix CVE: CVE-2022-32148: 0005-release-branch.go1.17-net-http-preserve-nil-values-i.patch CVE-2022-1962: 0006-release-branch.go1.17-go-parser-limit-recursion-dept.patch CVE-2022-1705: 0007-release-branch.go1.17-net-http-don-t-strip-whitespac.patch CVE-2022-30633: 0008-release-branch.go1.17-encoding-xml-limit-depth-of-ne.patch CVE-2022-30635: 0009-release-branch.go1.17-encoding-gob-add-a-depth-limit.patch CVE-2022-30630: 0010-release-branch.go1.17-io-fs-fix-stack-exhaustion-in-.patch CVE-2022-30632: 0011-release-branch.go1.17-path-filepath-fix-stack-exhaus.patch CVE-2022-28131: 0012-release-branch.go1.17-encoding-xml-use-iterative-Ski.patch CVE-2022-30631: 0013-release-branch.go1.17-compress-gzip-fix-stack-exhaus.patch CVE-2022-30629: 0014-release-branch.go1.17-crypto-tls-randomly-generate-t.patch CVE-2022-30634: 0015-release-branch.go1.17-crypto-rand-properly-handle-la.patch	2022-09-08 20:04:05 +08:00
hubin	e40a694498	backport patch to fix bug of golang plugin mode Signed-off-by: hubin <hubin73@huawei.com>	2022-09-08 20:03:42 +08:00
hc	9ab15eb485	update golang.spec.	2022-09-08 20:03:32 +08:00
hanchao	6f993c149e	fix CVE-2021-44717 Conflict: NA Score: 4.8 Reference: https://go-review.googlesource.com/c/go/+/370534 Reason: fix CVE-2021-44717 Signed-off-by: hanchao <hanchao47@huawei.com>	2022-09-08 20:03:10 +08:00
hanchao	1145718521	fix CVE-2022-28327,CVE-2022-24675 Conflict: NA Score: CVE-2022-28327:7.5,CVE-2022-24675:7.5 Reference: https://go-review.googlesource.com/c/go/+/397136,https://go-review.googlesource.com/c/go/+/399816 Reason: CVE-2022-28327,CVE-2022-24675	2022-09-08 20:02:50 +08:00
JackChan8	da8a16d28d	golang: upgrade to 1.17.3 Signed-off-by: JackChan8 <chenjiankun1@huawei.com> Signed-off-by: jingxiaolu <lujingxiao@huawei.com>	2021-12-15 10:28:39 +08:00
DCCooper	0953db6ef4	golang: speed up build progress Signed-off-by: DCCooper <1866858@gmail.com>	2021-04-15 15:40:15 +08:00
meilier	10a96e3391	golang: upgrade to 1.15.7	2021-01-28 20:44:14 +08:00
yangyanchao	d4285b29c9	all:add cgo support to the riscv port Signed-off-by: yangyanchao <yangyanchao6@huawei.com>	2020-12-07 15:06:43 +08:00
whoisxxx	09c818ff0c	Fix error in changelog date	2020-11-28 13:22:42 +08:00
whoisxxx	42186258f0	Adapt for riscv-64	2020-11-28 13:20:11 +08:00
zvier	17b4faefc5	golang: upgrade to 1.15.5 Signed-off-by: liuzekun <liuzekun@huawei.com>	2020-11-18 10:16:36 +08:00
xiadanni	6ad438669a	golang: upgrade to 1.13.15 Signed-off-by: xiadanni <xiadanni1@huawei.com>	2020-08-18 19:23:22 +08:00
xiadanni	5820a98415	golang: add yaml Signed-off-by: xiadanni <xiadanni1@huawei.com>	2020-07-31 11:24:52 +08:00
xiadanni	52c05d8eb6	golang: upgrade to 1.13.14 Signed-off-by: xiadanni <xiadanni1@huawei.com>	2020-07-31 09:27:27 +08:00
xiadanni	e6fdab00b8	golang: bump to 1.13.4 Signed-off-by: xiadanni <xiadanni1@huawei.com>	2020-07-23 19:40:56 +08:00
DCCooper	deb13bfa9d	golang: sync code with CVE and cleancode reason: 1. drop hard code cert 2. rename tar name and make it same with upstream Signed-off-by: DCCooper <1866858@gmail.com>	2020-05-12 17:08:40 +08:00
jingrui	d9ea2f312b	golang: fix cve CVE-2020-7919 Change-Id: I0c69fd3added6f82599c1cb9e4a1dbb02112de84 Signed-off-by: jingrui <jingrui@huawei.com>	2020-04-16 16:22:51 +08:00
Grooooot	03aa981a87	golang: remove unused requires "mercurial" Signed-off-by: Grooooot <isula@huawei.com>	2020-02-20 18:22:53 +08:00
Grooooot	1ce9a9033f	golang: fix patch 0012 format Signed-off-by: Grooooot <isula@huawei.com>	2020-01-10 10:06:14 +08:00

1 2

56 Commits