golang

Author	SHA1	Message	Date
hanchao	40c91388a1	golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633, CVE-2022-30635,CVE-2022-30630,CVE-2022-30632,CVE-2022-28131, CVE-2022-30631,CVE-2022-30629,CVE-2022-30634 Conflict: NA Score: CVE-2022-32148: 5.3 CVE-2022-1962: 6.2 CVE-2022-1705: 5.3 CVE-2022-30633: 6.2 CVE-2022-30635: 5.5 CVE-2022-30630: 6.2 CVE-2022-30632: 6.2 CVE-2022-28131: 6.2 CVE-2022-30631: 7.5 CVE-2022-30629: 2.6 CVE-2022-30634: 7.5 Reference: CVE-2022-32148: https://go-review.googlesource.com/c/go/+/415221 CVE-2022-1962: https://go-review.googlesource.com/c/go/+/417070 CVE-2022-1705: https://go-review.googlesource.com/c/go/+/415217 CVE-2022-30633: https://go-review.googlesource.com/c/go/+/417069 CVE-2022-30635: https://go-review.googlesource.com/c/go/+/417074 CVE-2022-30630: https://go-review.googlesource.com/c/go/+/417072 CVE-2022-30632: https://go-review.googlesource.com/c/go/+/417073 CVE-2022-28131: https://go-review.googlesource.com/c/go/+/417068 CVE-2022-30631: https://go-review.googlesource.com/c/go/+/417071 CVE-2022-30629: https://go-review.googlesource.com/c/go/+/408574 CVE-2022-30634: https://go-review.googlesource.com/c/go/+/406635 Reason: fix CVE: CVE-2022-32148: 0005-release-branch.go1.17-net-http-preserve-nil-values-i.patch CVE-2022-1962: 0006-release-branch.go1.17-go-parser-limit-recursion-dept.patch CVE-2022-1705: 0007-release-branch.go1.17-net-http-don-t-strip-whitespac.patch CVE-2022-30633: 0008-release-branch.go1.17-encoding-xml-limit-depth-of-ne.patch CVE-2022-30635: 0009-release-branch.go1.17-encoding-gob-add-a-depth-limit.patch CVE-2022-30630: 0010-release-branch.go1.17-io-fs-fix-stack-exhaustion-in-.patch CVE-2022-30632: 0011-release-branch.go1.17-path-filepath-fix-stack-exhaus.patch CVE-2022-28131: 0012-release-branch.go1.17-encoding-xml-use-iterative-Ski.patch CVE-2022-30631: 0013-release-branch.go1.17-compress-gzip-fix-stack-exhaus.patch CVE-2022-30629: 0014-release-branch.go1.17-crypto-tls-randomly-generate-t.patch CVE-2022-30634: 0015-release-branch.go1.17-crypto-rand-properly-handle-la.patch	2022-09-08 20:04:05 +08:00
hubin	e40a694498	backport patch to fix bug of golang plugin mode Signed-off-by: hubin <hubin73@huawei.com>	2022-09-08 20:03:42 +08:00
hc	9ab15eb485	update golang.spec.	2022-09-08 20:03:32 +08:00
hanchao	6f993c149e	fix CVE-2021-44717 Conflict: NA Score: 4.8 Reference: https://go-review.googlesource.com/c/go/+/370534 Reason: fix CVE-2021-44717 Signed-off-by: hanchao <hanchao47@huawei.com>	2022-09-08 20:03:10 +08:00
hanchao	1145718521	fix CVE-2022-28327,CVE-2022-24675 Conflict: NA Score: CVE-2022-28327:7.5,CVE-2022-24675:7.5 Reference: https://go-review.googlesource.com/c/go/+/397136,https://go-review.googlesource.com/c/go/+/399816 Reason: CVE-2022-28327,CVE-2022-24675	2022-09-08 20:02:50 +08:00
JackChan8	da8a16d28d	golang: upgrade to 1.17.3 Signed-off-by: JackChan8 <chenjiankun1@huawei.com> Signed-off-by: jingxiaolu <lujingxiao@huawei.com>	2021-12-15 10:28:39 +08:00
DCCooper	0953db6ef4	golang: speed up build progress Signed-off-by: DCCooper <1866858@gmail.com>	2021-04-15 15:40:15 +08:00
meilier	10a96e3391	golang: upgrade to 1.15.7	2021-01-28 20:44:14 +08:00
yangyanchao	d4285b29c9	all:add cgo support to the riscv port Signed-off-by: yangyanchao <yangyanchao6@huawei.com>	2020-12-07 15:06:43 +08:00
whoisxxx	09c818ff0c	Fix error in changelog date	2020-11-28 13:22:42 +08:00
whoisxxx	42186258f0	Adapt for riscv-64	2020-11-28 13:20:11 +08:00
zvier	17b4faefc5	golang: upgrade to 1.15.5 Signed-off-by: liuzekun <liuzekun@huawei.com>	2020-11-18 10:16:36 +08:00
xiadanni	6ad438669a	golang: upgrade to 1.13.15 Signed-off-by: xiadanni <xiadanni1@huawei.com>	2020-08-18 19:23:22 +08:00
xiadanni	5820a98415	golang: add yaml Signed-off-by: xiadanni <xiadanni1@huawei.com>	2020-07-31 11:24:52 +08:00
xiadanni	52c05d8eb6	golang: upgrade to 1.13.14 Signed-off-by: xiadanni <xiadanni1@huawei.com>	2020-07-31 09:27:27 +08:00
xiadanni	e6fdab00b8	golang: bump to 1.13.4 Signed-off-by: xiadanni <xiadanni1@huawei.com>	2020-07-23 19:40:56 +08:00
DCCooper	deb13bfa9d	golang: sync code with CVE and cleancode reason: 1. drop hard code cert 2. rename tar name and make it same with upstream Signed-off-by: DCCooper <1866858@gmail.com>	2020-05-12 17:08:40 +08:00
jingrui	d9ea2f312b	golang: fix cve CVE-2020-7919 Change-Id: I0c69fd3added6f82599c1cb9e4a1dbb02112de84 Signed-off-by: jingrui <jingrui@huawei.com>	2020-04-16 16:22:51 +08:00
Grooooot	03aa981a87	golang: remove unused requires "mercurial" Signed-off-by: Grooooot <isula@huawei.com>	2020-02-20 18:22:53 +08:00
Grooooot	1ce9a9033f	golang: fix patch 0012 format Signed-off-by: Grooooot <isula@huawei.com>	2020-01-10 10:06:14 +08:00
Grooooot	8b0d150421	runtime: use innermost frame's func name for async preemption check We don't asynchronously preempt if we are in the runtime. We do this by checking the function name. However, it failed to take inlining into account. If a runtime function gets inlined into a non-runtime function, it can be preempted, and bad things can happen. One instance of this is dounlockOSThread inlined into UnlockOSThread which is in turn inlined into a non-runtime function. Fix this by using the innermost frame's function name. Change-Id: Ifa036ce1320700aaaefd829b4bee0d04d05c395d Reviewed-on: https://go-review.googlesource.com/c/go/+/211978 Run-TryBot: Cherry Zhang <cherryyz@google.com> TryBot-Result: Gobot Gobot <gobot@golang.org> Reviewed-by: Austin Clements <austin@google.com> Signed-off-by: Grooooot <isula@huawei.com>	2020-01-08 15:04:53 +08:00
Grooooot	592bf09553	golang: modification of spec Signed-off-by: Grooooot <isula@huawei.com>	2020-01-06 10:24:02 +08:00
openeuler-iSula	747b3d9598	golang: modify source0 download address Signed-off-by: openeuler-iSula <isula@huawei.com>	2019-12-29 15:43:54 +08:00
dogsheng	ce820709f2	Package init	2019-12-25 15:47:08 +08:00
dogsheng	f6abdd32e1	Package init	2019-12-13 15:19:17 +08:00
overweight	c29de2f632	Package init	2019-09-30 10:41:22 -04:00

1 2

76 Commits