baserev update by copy to link target

• Files Changed
• Browse Source

- Remove remaining use of gold linker when bootstrapping with
  gccgo. The binutils-gold package will be removed in the future.
  * History: go1.8.3 2017-06-18 added conditional if gccgo defined
    BuildRequires: binutils-gold for arches other than s390x
  * No information available why binutils-gold was used initially
  * Unrelated to upstream recent hardcoded gold dependency for ARM

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- go1.17.9 (released 2022-04-12) includes security fixes to the
  crypto/elliptic and encoding/pem packages, as well as bug fixes
  to the linker and runtime.
  Refs boo#1190649 go1.17 release tracking
  CVE-2022-24675 CVE-2022-28327
  * boo#1198423 go#51853 CVE-2022-24675
  * go#52036 encoding/pem: stack overflow
  * boo#1198424 go#52075 CVE-2022-28327
  * go#52076 crypto/elliptic: generic P-256 panic when scalar has too many leading zeroes
  * go#51736 plugin: tls handshake panic: unreachable method called. linker bug?
  * go#51696 runtime: some tests fails on Windows with CGO_ENABLED=0
  * go#51458 runtime: finalizer call has wrong frame size
  * go#50611 internal/poll: deadlock in Read on arm64 when an FD is closed

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Template gcc-go.patch to substitute gcc_go_version and eliminate
  multiple similar patches each with hardcoded gcc go binary name.
  gcc-go.patch inserts gcc-go binary name e.g. go-8 to compensate
  for current lack of gcc-go update-alternatives usage.
  * add gcc-go.patch
  * drop gcc6-go.patch
  * drop gcc7-go.patch

- For SLE-12 set gcc_go_version to 8 to bootstrap using gcc8-go.
  gcc6-go and gcc7-go no longer successfully bootstrap go1.17 or
  go1.18 on SLE-12 aarch64 ppc64le or s390x.
  * gcc6-go fails with errors e.g. libnoder.a(_go_.o):(.toc+0x0):
    undefined reference to `__go_pimt__I4_DiagFrN4_boolee3

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- Add %define go_label as a configurable Go toolchain directory
  * go_label can be used to package multiple Go toolchains with
    the same go_api
  * go_label should be defined as go_api with an optional suffix
    e.g. %{go_api} or %{go_api}-foo
  * Default go_label = go_api makes no changes to package layout

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- add dont-force-gold-on-arm64.patch (bsc#1183043)
- drop binutils-gold dependency

• Files Changed
• Browse Source

baserev update by copy to link target

• Files Changed
• Browse Source

- go1.17.8 (released 2022-03-03) includes a security fix to the
  regexp/syntax package, as well as bug fixes to the compiler,
  runtime, the go command, and the crypto/x509, and net packages.
  Refs boo#1190649 go1.17 release tracking
  CVE-2022-24921
  * boo#1196732 go#51112 CVE-2022-24921
  * go#51118 regexp: stack overflow (process exit) handling deeply nested regexp
  * go#51332 cmd/go/internal/modfetch: erroneously resolves a v2+incompatible version when a v2/go.mod file exists
  * go#51199 cmd/compile: "runtime: bad pointer in frame" in riscv64 with complier optimizations
  * go#51162 net: use EDNS to increase DNS packet size [freeze exception]
  * go#50734 runtime/metrics: time histogram sub-bucket ranges are off by a factor of two
  * go#51000 crypto/x509: invalid RDNSequence: invalid attribute value: unsupported string type: 18

• Files Changed
• Browse Source

- Add missing .bin binary test data to packaging.
  * Existing test data files added to packaging with mode 644:
    src/compress/bzip2/testdata/pass-random2.bin
    src/compress/bzip2/testdata/pass-random1.bin
    src/debug/dwarf/testdata/line-gcc-win.bin

• Files Changed
• Browse Source

- go1.17.7 (released 2022-02-10) includes security fixes to the
  crypto/elliptic, math/big packages and to the go command, as well
  as bug fixes to the compiler, linker, runtime, the go command,
  and the debug/macho, debug/pe, and net/http/httptest packages.
  Refs boo#1190649 go1.17 release tracking
  CVE-2022-23806 CVE-2022-23772 CVE-2022-23773
  * boo#1195838 go#50974 CVE-2022-23806
  * go#50978 crypto/elliptic: IsOnCurve returns true for invalid field elements
  * boo#1195835 go#50699 CVE-2022-23772
  * go#50701 math/big: Rat.SetString may consume large amount of RAM and crash
  * boo#1195834 go#35671 CVE-2022-23773
  * go#50687 cmd/go: do not treat branches with semantic-version names as releases
  * go#50942 cmd/asm: "compile: loop" compiler bug?
  * go#50867 cmd/compile: incorrect use of CMN on arm64
  * go#50812 cmd/go: remove bitbucket VCS probing
  * go#50781 runtime: incorrect frame information in traceback traversal may hang the process.
  * go#50722 debug/pe: reading debug_info section of PE files that use the DWARF5 form DW_FORM_line_strp causes error
  * go#50683 cmd/compile: MOVWreg missing sign-extension following a Copy from a floating-point LoadReg
  * go#50586 net/http/httptest: add fipsonly compliant certificate in for NewTLSServer(), for dev.boringcrypto branch
  * go#50297 cmd/link: does not set section type of .init_array correctly
  * go#50246 runtime: intermittent os/exec.Command.Start() Hang on Darwin in Presence of "plugin" Package

• Files Changed
• Browse Source

- go1.17.6 (released 2022-01-06) includes fixes to the compiler,
  linker, runtime, and the crypto/x509, net/http, and reflect
  packages.
  Refs boo#1190649 go1.17 release tracking
  * go#50165 crypto/x509: error parsing large ASN.1 identifiers
  * go#50073 runtime: race detector SIGABRT or SIGSEGV on macOS Monterey
  * go#49961 reflect: segmentation violation while using html/template
  * go#49921 x/net/http2: http.Server.WriteTimeout does not fire if the http2 stream's window is out of space.
  * go#49413 cmd/compile: internal compiler error: Op...LECall and OpDereference have mismatched mem
  * go#48116 runtime: mallocs cause "base outside usable address space" panic when running on iOS 14

• Files Changed
• Browse Source

- go1.17.5 (released 2021-12-09) includes security fixes to the
  syscall and net/http packages.
  Refs boo#1190649 go1.17 release tracking
  CVE-2021-44716 CVE-2021-44717
  * boo#1193598 go#50057 CVE-2021-44717
  * go#50067 syscall: don’t close fd 0 on ForkExec error
  * boo#1193597 go#50058 CVE-2021-44716
  * go#50065 net/http: limit growth of header canonicalization cache

• Files Changed
• Browse Source

- go1.17.4 (released 2021-12-02) includes fixes to the compiler,
  linker, runtime, and the go/types, net/http, and time packages.
  Refs boo#1190649 go1.17 release tracking
  * go#49911 x/net/http2: frequent failures in TestClientConnCloseAtBody
  * go#49909 x/net/ipv6: TestPacketConnReadWriteMulticast{UDP,ICMP} failing with "i/o timeout" on OpenBSD 6.8 and 7.0
  * go#49905 x/net/http2: Client doesn't send body until ExpectContinueTimeout expires
  * go#49868 syscall: ntdll.dll errors in rtlGetNtVersionNumbers via os.StartProcess
  * go#49729 runtime: "fatal error: unexpected signal during runtime execution" in cmd/go tests on darwin-amd64-race running macOS 12.0
  * go#49662 x/net/http2: TestUnreadFlowControlReturned_Server failures with stream error "NO_ERROR" since 2021-10-05
  * go#49624 net/http: Possible HTTP/2 busy loop regression in Go 1.17.3
  * go#49568 net/http: server responds with Transfer-Encoding: identity
  * go#49561 x/net/http2: setting Request.Close doesn't close TCP connections
  * go#49559 net/http: HTTP/2 response body Close method sometimes returns spurious context cancelation error (1.17.3 regression)
  * go#49511 cmd/compile: init info of OAS node in a select case is being dropped
  * go#49479 runtime: "morestack on g0" in x/perf/storage/app on windows/arm64
  * go#49407 time: ParseInLocation error
  * go#49392 cmd/compile: internal compiler error: Expand calls interface data problem
  * go#49369 runtime: time goes backwards on windows-arm64 (frequent TestGcLastTime failures)
  * go#49129 cmd/compile: internal compiler error: can't find source for b12->b4: v31 = MOVBload <bool> v14 v1 : DX
  * go#48825 go/types, types2: stack overflow in hasVarSize for invalid type

• Files Changed
• Browse Source

- go1.17.3 (released 2021-11-04) includes security fixes to the
  archive/zip and debug/macho packages, as well as bug fixes to the
  compiler, linker, runtime, the go command, the misc/wasm
  directory, and to the net/http and syscall packages.
  Refs boo#1190649 go1.17 release tracking
  CVE-2021-41771 CVE-2021-41772
  * boo#1192377 go#48990 CVE-2021-41771
  * go#48992 debug/macho: invalid dynamic symbol table command can cause panic
  * boo#1192378 go#48085 CVE-2021-41772
  * go#48252 archive/zip: Reader.Open panics on empty string
  * go#49199 cmd/go: go list all breaks in //go:build-only repos
  * go#49154 misc/wasm, cmd/link: Go 1.17.2 causes WASM builds to throw command line too long with many environment variables
  * go#49086 cmd/link: -buildmode=pie -linkshared panic at runtime
  * go#49077 x/net/http2: backport critical fixes
  * go#49010 net,runtime: apparent deadlock in (*net.conn).Close and runtime.netpollblock on arm64 platforms
  * go#48823 x/net/http2: client can hang forever if headers' size exceeds connection's buffer size and server hangs past request time
  * go#48650 x/net/http2: pool deadlock
  * go#48479 cmd/compile: 64 bits shifts on arm get wrong results
  * go#48475 cmd/compile: incorrect arm/arm64 simplification rules
  * go#48075 syscall: SysProcAttr{ NoInheritHandles: true } broken in 1.17 on Windows

• Files Changed
• Browse Source

- go1.17.2 (released 2021-10-07) includes a security fix to the
  linker and misc/wasm directory, as well as bug fixes to the
  compiler, the runtime, the go command, and to the time and
  text/template packages.
  Refs boo#1190649 go1.17 release tracking
  CVE-2021-38297
  * boo#1191468 go#48797 CVE-2021-38297
  * go#48800 security: fix CVE-2021-38297 misc/wasm, cmd/link: do not let command line args overwrite global data
  * go#48561 cmd/compile: unsafe.Add bug when adding uint8 value to a pointer
  * go#48444 text/template: should t.init() be executed before t.muTmpl.Lock() in AddParseTree() method?
  * go#48177 time: output does not respect comma as millisecond separator
  * go#47859 time: timer reset sometimes ignored, causing delayed ticks
  * go#47756 cmd/go: mod tidy -go=1.17 should move indirect dependencies to the second require part

• Files Changed
• Browse Source

initialized devel package after accepting 920225

• Files Changed
• Browse Source