Overview
Request 658012 superseded
- Update to Go 1.10.6 (released 2018/12/13). This includes fixes to
the crypto/x509 and cmd/go packages. See the Go 1.10.6 milestone
on upstream tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.10.6
* bsc#1118897 CVE-2018-16873
go#29230 cmd/go: remote command execution during "go get -u"
* bsc#1118898 CVE-2018-16874
go#29231 cmd/go: directory traversal in "go get" via curly braces in import paths
* bsc#1118899 CVE-2018-16875
go#29233 crypto/x509: CPU denial of service
* Upstream is aware of a functionality regression in "go get" when
executed in GOPATH mode on an import path pattern containing "..."
(e.g., "go get github.com/golang/pkg/..."), when downloading
packages not already present in the GOPATH workspace. This is go#29241
and will be resolved in the next minor patch release go-1.10.6
- Fix build error with PIE linker flags on ppc64le. bsc#1113978 boo#1098017
* gccgo on ppc64le with default PIE enabled fails with:
error while loading shared libraries:
R_PPC64_ADDR16_HA re10143fb0c for symbol `' out of range
* linuxppc-dev discussion:
"PIE binaries are no longer mapped below 4 GiB on ppc64le"
https://lists.ozlabs.org/pipermail/linuxppc-dev/2018-November/180862.html
* Add for ppc64le only: #!BuildIgnore: gcc-PIE
* OBS environment defaults to PIE
* Upstream fix for go buildmode PIE desired, track upstream go#28531
* go1.10.4 (released 2018/08/24) includes fixes to the go command,
linker, and the net/http, mime/multipart, ld/macho, bytes, and
strings packages. See the Go 1.10.4 milestone on our issue
- Created by jordimassaguerpla
- In state superseded
- Supersedes 657100
- Superseded by 658307
-
Open review for
repo-checker
- Open review for openSUSE:Factory:Staging:G
Request History
jordimassaguerpla created request
- Update to Go 1.10.6 (released 2018/12/13). This includes fixes to
the crypto/x509 and cmd/go packages. See the Go 1.10.6 milestone
on upstream tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.10.6
* bsc#1118897 CVE-2018-16873
go#29230 cmd/go: remote command execution during "go get -u"
* bsc#1118898 CVE-2018-16874
go#29231 cmd/go: directory traversal in "go get" via curly braces in import paths
* bsc#1118899 CVE-2018-16875
go#29233 crypto/x509: CPU denial of service
* Upstream is aware of a functionality regression in "go get" when
executed in GOPATH mode on an import path pattern containing "..."
(e.g., "go get github.com/golang/pkg/..."), when downloading
packages not already present in the GOPATH workspace. This is go#29241
and will be resolved in the next minor patch release go-1.10.6
- Fix build error with PIE linker flags on ppc64le. bsc#1113978 boo#1098017
* gccgo on ppc64le with default PIE enabled fails with:
error while loading shared libraries:
R_PPC64_ADDR16_HA re10143fb0c for symbol `' out of range
* linuxppc-dev discussion:
"PIE binaries are no longer mapped below 4 GiB on ppc64le"
https://lists.ozlabs.org/pipermail/linuxppc-dev/2018-November/180862.html
* Add for ppc64le only: #!BuildIgnore: gcc-PIE
* OBS environment defaults to PIE
* Upstream fix for go buildmode PIE desired, track upstream go#28531
* go1.10.4 (released 2018/08/24) includes fixes to the go command,
linker, and the net/http, mime/multipart, ld/macho, bytes, and
strings packages. See the Go 1.10.4 milestone on our issue
licensedigger accepted review
ok
factory-auto added opensuse-review-team as a reviewer
Please review sources
factory-auto added repo-checker as a reviewer
Please review build success
factory-auto accepted review
Check script succeeded
namtrac accepted review
dimstar_suse set openSUSE:Factory:Staging:G as a staging project
Being evaluated by staging project "openSUSE:Factory:Staging:G"
dimstar_suse accepted review
Picked openSUSE:Factory:Staging:G
