Overview
Request 1098261 accepted
- go1.20.6 (released 2023-07-11) includes a security fix to the
net/http package, as well as bug fixes to the compiler, cgo, the
cover tool, the go command, the runtime, and the crypto/ecdsa,
go/build, go/printer, net/mail, and text/template packages.
Refs boo#1206346 go1.20 release tracking.
CVE-2023-29406
* go#61076 go#60374 boo#1213229 security: fix CVE-2023-29406 net/http: insufficient sanitization of Host header
* go#60352 cmd/go: go mod tidy introduces ambiguous imports in pruned modules
* go#60535 runtime: TLS slot index over 64 and crash
* go#60675 cmd/compile: internal compiler error: out of range for go.shape.int64
* go#60698 cmd/go: go list fails with submodules which have test-only dependencies
* go#60744 crypto/ecdsa: P521 ecdsa.Verify panics with malformed message
* go#60754 cmd/go: panic: LoadImport called with empty package path when listing GOROOT/test/*.go
* go#60760 runtime: checkdead fires due to suspected race in the Go runtime when GOMAXPROCS=1 on AWS
* go#60802 text/template: key/value assignment is reversed within range loop
* go#60845 runtime: SIGSEGV in race + coverage mode
* go#60849 cmd/go: go test deadlocked without enforcing timeouts when killed with ^C
* go#60874 net/mail: mail.ReadMessage in 1.20 cannot parse mbox headers
* go#60875 net/mail: characters allowed in RFC 5322 are invalid while parsing email header
* go#60927 x/tools/go/analysis/unitchecker: TestVetStdlib failures
* go#60947 crypto/x509: TestSystemVerify/EKULeafValid fails on LUCI
* go#60949 runtime: goroutines that stop after calling runtime.RaceDisable break race detector
* go#61055 runtime: TestWindowsStackMemory flakes on windows-386-2016
Request History
jfkw created request
- go1.20.6 (released 2023-07-11) includes a security fix to the
net/http package, as well as bug fixes to the compiler, cgo, the
cover tool, the go command, the runtime, and the crypto/ecdsa,
go/build, go/printer, net/mail, and text/template packages.
Refs boo#1206346 go1.20 release tracking.
CVE-2023-29406
* go#61076 go#60374 boo#1213229 security: fix CVE-2023-29406 net/http: insufficient sanitization of Host header
* go#60352 cmd/go: go mod tidy introduces ambiguous imports in pruned modules
* go#60535 runtime: TLS slot index over 64 and crash
* go#60675 cmd/compile: internal compiler error: out of range for go.shape.int64
* go#60698 cmd/go: go list fails with submodules which have test-only dependencies
* go#60744 crypto/ecdsa: P521 ecdsa.Verify panics with malformed message
* go#60754 cmd/go: panic: LoadImport called with empty package path when listing GOROOT/test/*.go
* go#60760 runtime: checkdead fires due to suspected race in the Go runtime when GOMAXPROCS=1 on AWS
* go#60802 text/template: key/value assignment is reversed within range loop
* go#60845 runtime: SIGSEGV in race + coverage mode
* go#60849 cmd/go: go test deadlocked without enforcing timeouts when killed with ^C
* go#60874 net/mail: mail.ReadMessage in 1.20 cannot parse mbox headers
* go#60875 net/mail: characters allowed in RFC 5322 are invalid while parsing email header
* go#60927 x/tools/go/analysis/unitchecker: TestVetStdlib failures
* go#60947 crypto/x509: TestSystemVerify/EKULeafValid fails on LUCI
* go#60949 runtime: goroutines that stop after calling runtime.RaceDisable break race detector
* go#61055 runtime: TestWindowsStackMemory flakes on windows-386-2016
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto accepted review
Check script succeeded
licensedigger accepted review
ok
anag+factory set openSUSE:Factory:Staging:G as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:G"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:G"
anag+factory added factory-staging as a reviewer
Being evaluated by group "factory-staging"
anag+factory accepted review
Unstaged from project "openSUSE:Factory:Staging:G"
anag+factory set openSUSE:Factory:Staging:I as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:I"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:I"
darix accepted review
Accepted review for by_group opensuse-review-team request 1098261 from user anag+factory
dimstar_suse added factory-staging as a reviewer
Being evaluated by group "factory-staging"
dimstar_suse accepted review
Unstaged from project "openSUSE:Factory:Staging:I"
dimstar_suse set openSUSE:Factory:Staging:F as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:F"
dimstar_suse accepted review
Picked "openSUSE:Factory:Staging:F"
dimstar_suse added factory-staging as a reviewer
Being evaluated by group "factory-staging"
dimstar_suse accepted review
Unstaged from project "openSUSE:Factory:Staging:F"
anag+factory set openSUSE:Factory:Staging:I as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:I"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:I"
favogt_factory added factory-staging as a reviewer
Being evaluated by group "factory-staging"
favogt_factory accepted review
Unstaged from project "openSUSE:Factory:Staging:I"
anag+factory set openSUSE:Factory:Staging:G as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:G"
anag+factory accepted review
Picked "openSUSE:Factory:Staging:G"
anag+factory accepted review
Staging Project openSUSE:Factory:Staging:G got accepted.
anag+factory approved review
Staging Project openSUSE:Factory:Staging:G got accepted.
anag+factory accepted request
Staging Project openSUSE:Factory:Staging:G got accepted.
waiting for matching docker submission
Waiting for docker fix, see boo#1213229