packages/golang
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
101 Commits 1 Branch 0 Tags
Commit Graph

101 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
openeuler-ci-bot
dcffd45493
!132 golang: fix CVE-2022-27664 
From: @hcnbxx 
Reviewed-by: @jing-rui, @zhangsong234 
Signed-off-by: @jing-rui
 2022-09-15 06:30:51 +00:00
hanchao
793f4d493d golang: fix CVE-2022-27664 
Score: 7.5
Reference: https://go-review.googlesource.com/c/go/+/428635/
Conflict: NA
Reason: fix CVE-2022-27664
 2022-09-15 10:29:01 +08:00
openeuler-ci-bot
f290bfb37b
!125 golang.spec: modify the golang.spec to remove unnecessary files from golang-help package 
From: @hcnbxx 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2022-09-13 08:31:37 +00:00
hanchao
eac443ba4a golang: modify the golang.spec to remove unnecessary files from 
golang-help package

Reason: golang-help package include unnecessary files such as shared
libs. now remove those unnecessary files.
 2022-09-08 21:14:05 +08:00
openeuler-ci-bot
19509c9e51
!122 Synchronize the master branch and openEuler-22.03 
From: @hcnbxx 
Reviewed-by: @zhangsong234, @jing-rui 
Signed-off-by: @jing-rui
 2022-09-08 12:18:17 +00:00
hanchao
282de33531 golang: fix CVE-2022-29804,CVE-2022-29526 
Score: CVE-2022-29804: 7.5, CVE-2022-29526: 5.3
Reference: https://go-review.googlesource.com/c/go/+/401595/, https://go-review.googlesource.com/c/go/+/401078/
Conflict: NA
Reason: fix CVE-2022-29804,CVE-2022-29526
 2022-09-08 20:04:30 +08:00
hanchao
6dd57444d5 golang: fix CVE-2022-32189 
Score: 6.5
Reference: https://go-review.googlesource.com/c/go/+/419814
Conflict: NA
Reason: fix CVE-2022-32189
 2022-09-08 20:04:16 +08:00
hanchao
40c91388a1 golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633, 
CVE-2022-30635,CVE-2022-30630,CVE-2022-30632,CVE-2022-28131,
CVE-2022-30631,CVE-2022-30629,CVE-2022-30634

Conflict: NA

Score:
CVE-2022-32148: 5.3
CVE-2022-1962:  6.2
CVE-2022-1705:  5.3
CVE-2022-30633: 6.2
CVE-2022-30635: 5.5
CVE-2022-30630: 6.2
CVE-2022-30632: 6.2
CVE-2022-28131: 6.2
CVE-2022-30631: 7.5
CVE-2022-30629: 2.6
CVE-2022-30634: 7.5

Reference:
CVE-2022-32148: https://go-review.googlesource.com/c/go/+/415221
CVE-2022-1962:	https://go-review.googlesource.com/c/go/+/417070
CVE-2022-1705:  https://go-review.googlesource.com/c/go/+/415217
CVE-2022-30633: https://go-review.googlesource.com/c/go/+/417069
CVE-2022-30635: https://go-review.googlesource.com/c/go/+/417074
CVE-2022-30630: https://go-review.googlesource.com/c/go/+/417072
CVE-2022-30632: https://go-review.googlesource.com/c/go/+/417073
CVE-2022-28131: https://go-review.googlesource.com/c/go/+/417068
CVE-2022-30631: https://go-review.googlesource.com/c/go/+/417071
CVE-2022-30629: https://go-review.googlesource.com/c/go/+/408574
CVE-2022-30634: https://go-review.googlesource.com/c/go/+/406635

Reason: fix CVE:
CVE-2022-32148: 0005-release-branch.go1.17-net-http-preserve-nil-values-i.patch
CVE-2022-1962:	0006-release-branch.go1.17-go-parser-limit-recursion-dept.patch
CVE-2022-1705:  0007-release-branch.go1.17-net-http-don-t-strip-whitespac.patch
CVE-2022-30633: 0008-release-branch.go1.17-encoding-xml-limit-depth-of-ne.patch
CVE-2022-30635: 0009-release-branch.go1.17-encoding-gob-add-a-depth-limit.patch
CVE-2022-30630: 0010-release-branch.go1.17-io-fs-fix-stack-exhaustion-in-.patch
CVE-2022-30632: 0011-release-branch.go1.17-path-filepath-fix-stack-exhaus.patch
CVE-2022-28131: 0012-release-branch.go1.17-encoding-xml-use-iterative-Ski.patch
CVE-2022-30631: 0013-release-branch.go1.17-compress-gzip-fix-stack-exhaus.patch
CVE-2022-30629: 0014-release-branch.go1.17-crypto-tls-randomly-generate-t.patch
CVE-2022-30634: 0015-release-branch.go1.17-crypto-rand-properly-handle-la.patch
 2022-09-08 20:04:05 +08:00
hubin
e40a694498 backport patch to fix bug of golang plugin mode 
Signed-off-by: hubin <hubin73@huawei.com>
 2022-09-08 20:03:42 +08:00
hc
9ab15eb485 update golang.spec. 2022-09-08 20:03:32 +08:00
hanchao
6f993c149e fix CVE-2021-44717 
Conflict: NA
Score: 4.8
Reference: https://go-review.googlesource.com/c/go/+/370534
Reason: fix CVE-2021-44717

Signed-off-by: hanchao <hanchao47@huawei.com>
 2022-09-08 20:03:10 +08:00
hanchao
1145718521 fix CVE-2022-28327,CVE-2022-24675 
Conflict: NA
Score: CVE-2022-28327:7.5,CVE-2022-24675:7.5
Reference: https://go-review.googlesource.com/c/go/+/397136,https://go-review.googlesource.com/c/go/+/399816
Reason: CVE-2022-28327,CVE-2022-24675
 2022-09-08 20:02:50 +08:00
openeuler-ci-bot
e2c1a804ad !60 golang: upgrade to 1.17.3 
Merge pull request !60 from jingxiaolu/upgrade
 2021-12-15 02:39:42 +00:00
JackChan8
da8a16d28d golang: upgrade to 1.17.3 
Signed-off-by: JackChan8 <chenjiankun1@huawei.com>
Signed-off-by: jingxiaolu <lujingxiao@huawei.com>
 2021-12-15 10:28:39 +08:00
openeuler-ci-bot
8d3cd0f27c !32 golang: speed up build progress 
From: @DCCooper
Reviewed-by: @jing-rui
Signed-off-by: @jing-rui
 2021-04-16 09:36:45 +08:00
DCCooper
0953db6ef4 golang: speed up build progress 
Signed-off-by: DCCooper <1866858@gmail.com>
 2021-04-15 15:40:15 +08:00
openeuler-ci-bot
c049552c00 !22 Upgrade golang to 1.15.7 
From: @meilier
Reviewed-by: @jingxiaolu,@jing-rui
Signed-off-by: @jing-rui
 2021-01-29 08:58:58 +08:00
meilier
10a96e3391 golang: upgrade to 1.15.7 2021-01-28 20:44:14 +08:00
openeuler-ci-bot
352325f497 !17 Enable cgo for risc-v golang 
From: @riscv-spare
Reviewed-by: @jing-rui
Signed-off-by: @jing-rui
 2020-12-11 15:02:22 +08:00
rv_spare
7194175613 !1 all: add cgo support to the riscv port 
Merge pull request !1 from 杨演超/master
 2020-12-10 15:55:22 +08:00
yangyanchao
d4285b29c9 all:add cgo support to the riscv port 
Signed-off-by: yangyanchao <yangyanchao6@huawei.com>
 2020-12-07 15:06:43 +08:00
openeuler-ci-bot
8fc567dddc !16 Adapt for riscv64 and fix error in changelog 
From: @whoisxxx
Reviewed-by: @liqingqing_1229,@jing-rui
Signed-off-by: @jing-rui
 2020-11-30 14:53:56 +08:00
whoisxxx
09c818ff0c Fix error in changelog date 2020-11-28 13:22:42 +08:00
whoisxxx
42186258f0 Adapt for riscv-64 2020-11-28 13:20:11 +08:00
openeuler-ci-bot
72293a06dd !15 golang: upgrade to 1.15.5 
From: @zvier
Reviewed-by: @jing-rui
Signed-off-by: @jing-rui
 2020-11-18 10:58:21 +08:00
zvier
17b4faefc5 golang: upgrade to 1.15.5 
Signed-off-by: liuzekun <liuzekun@huawei.com>
 2020-11-18 10:16:36 +08:00
openeuler-ci-bot
2966fbf3da !12 golang: upgrade to 1.13.15 
Merge pull request !12 from Vanient/master
 2020-08-18 20:24:00 +08:00
xiadanni
6ad438669a golang: upgrade to 1.13.15 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2020-08-18 19:23:22 +08:00
openeuler-ci-bot
b96ea79f9c !11 golang: add yaml 
Merge pull request !11 from Vanient/master
 2020-07-31 15:11:19 +08:00
xiadanni
5820a98415 golang: add yaml 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2020-07-31 11:24:52 +08:00
openeuler-ci-bot
08a7c059f6 !10 golang: upgrade to 1.13.14 
Merge pull request !10 from Vanient/master
 2020-07-31 10:23:45 +08:00
xiadanni
52c05d8eb6 golang: upgrade to 1.13.14 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2020-07-31 09:27:27 +08:00
openeuler-ci-bot
282d90f4a9 !9 golang: bump version to 1.13.4 
Merge pull request !9 from Vanient/master
 2020-07-23 20:01:41 +08:00
xiadanni
e6fdab00b8 golang: bump to 1.13.4 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2020-07-23 19:40:56 +08:00
openeuler-ci-bot
3741a0e1b9 !7 golang: sync code with CVE and cleancode 
Merge pull request !7 from DCCooper/master
 2020-05-14 09:41:57 +08:00
DCCooper
deb13bfa9d golang: sync code with CVE and cleancode 
reason: 1. drop hard code cert
        2. rename tar name and make it same with upstream

Signed-off-by: DCCooper <1866858@gmail.com>
 2020-05-12 17:08:40 +08:00
openeuler-ci-bot
bec40e0404 !6 golang: fix cve CVE-2020-7919 
Merge pull request !6 from jing-rui/dev
 2020-04-16 15:19:29 +08:00
jingrui
d9ea2f312b golang: fix cve CVE-2020-7919 
Change-Id: I0c69fd3added6f82599c1cb9e4a1dbb02112de84
Signed-off-by: jingrui <jingrui@huawei.com>
 2020-04-16 16:22:51 +08:00
openeuler-ci-bot
e798eb3158 !4 golang: remove unused requires "mercurial" 
Merge pull request !4 from Grooooot/master
 2020-02-21 17:16:20 +08:00
Grooooot
03aa981a87 golang: remove unused requires "mercurial" 
Signed-off-by: Grooooot <isula@huawei.com>
 2020-02-20 18:22:53 +08:00
openeuler-ci-bot
c85faa0eb9 !3 golang: fix patch 0012 format 
Merge pull request !3 from Grooooot/master
 2020-01-10 16:00:35 +08:00
Grooooot
1ce9a9033f golang: fix patch 0012 format 
Signed-off-by: Grooooot <isula@huawei.com>
 2020-01-10 10:06:14 +08:00
openeuler-ci-bot
7c558b7cdd !2 golang: modification of spec 
Merge pull request !2 from Grooooot/master
 2020-01-09 16:40:20 +08:00
Grooooot
8b0d150421 runtime: use innermost frame's func name for async preemption check 
We don't asynchronously preempt if we are in the runtime. We do
this by checking the function name. However, it failed to take
inlining into account. If a runtime function gets inlined into
a non-runtime function, it can be preempted, and bad things can
happen. One instance of this is dounlockOSThread inlined into
UnlockOSThread which is in turn inlined into a non-runtime
function.

Fix this by using the innermost frame's function name.

Change-Id: Ifa036ce1320700aaaefd829b4bee0d04d05c395d
Reviewed-on: https://go-review.googlesource.com/c/go/+/211978
Run-TryBot: Cherry Zhang <cherryyz@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Austin Clements <austin@google.com>
Signed-off-by: Grooooot <isula@huawei.com>
 2020-01-08 15:04:53 +08:00
Grooooot
592bf09553 golang: modification of spec 
Signed-off-by: Grooooot <isula@huawei.com>
 2020-01-06 10:24:02 +08:00
openeuler-ci-bot
44eb8f78b5 !1 golang: modify source0 download address 
Merge pull request !1 from Grooooot/master
 2019-12-29 16:43:36 +08:00
openeuler-iSula
747b3d9598 golang: modify source0 download address 
Signed-off-by: openeuler-iSula <isula@huawei.com>
 2019-12-29 15:43:54 +08:00
dogsheng
ce820709f2 Package init 2019-12-25 15:47:08 +08:00
dogsheng
467816af2c Package init 2019-12-14 14:32:37 +08:00
dogsheng
f6abdd32e1 Package init 2019-12-13 15:19:17 +08:00