packages/golang
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
53 Commits 1 Branch 0 Tags
Commit Graph

53 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
openeuler-ci-bot
1c39e44327
!142 [sync] PR-139: golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879 
From: @openeuler-sync-bot 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2022-10-13 01:34:05 +00:00
hanchao
b9542b2c31 golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879 
Score:CVE-2022-41715:4,CVE-2022-2880:5.3,CVE-2022-2879:6.2
Reference:https://go-review.googlesource.com/c/go/+/438501,
	https://go-review.googlesource.com/c/go/+/433695,
	https://go-review.googlesource.com/c/go/+/438500
Conflict:NA
Reason:fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879
(cherry picked from commit 4fd46fe7b9f44f4057337ee7493a4a39cb7a18f1)
 2022-10-12 17:40:44 +08:00
openeuler-ci-bot
8ebbd194ca
!137 [sync] PR-132: golang: fix CVE-2022-27664 
From: @openeuler-sync-bot 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2022-09-15 08:02:57 +00:00
hanchao
cf825335b1 golang: fix CVE-2022-27664 
Score: 7.5
Reference: https://go-review.googlesource.com/c/go/+/428635/
Conflict: NA
Reason: fix CVE-2022-27664
(cherry picked from commit 793f4d493d6bc84a363b98a79e3ece97ae229006)
 2022-09-15 14:53:12 +08:00
openeuler-ci-bot
37e974ad4b
!130 [sync] PR-125: golang.spec: modify the golang.spec to remove unnecessary files from golang-help package 
From: @openeuler-sync-bot 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2022-09-15 01:59:26 +00:00
hanchao
8a81b3e5e1 golang: modify the golang.spec to remove unnecessary files from 
golang-help package

Reason: golang-help package include unnecessary files such as shared
libs. now remove those unnecessary files.

(cherry picked from commit eac443ba4af3b120d548c7c68e746c2a80f3537f)
 2022-09-13 17:21:21 +08:00
openeuler-ci-bot
b75c527011
!128 [sync] PR-122: Synchronize the master branch and openEuler-22.03 
From: @openeuler-sync-bot 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2022-09-13 07:27:26 +00:00
hanchao
67a3196cbd golang: fix CVE-2022-29804,CVE-2022-29526 
Score: CVE-2022-29804: 7.5, CVE-2022-29526: 5.3
Reference: https://go-review.googlesource.com/c/go/+/401595/, https://go-review.googlesource.com/c/go/+/401078/
Conflict: NA
Reason: fix CVE-2022-29804,CVE-2022-29526
(cherry picked from commit 282de33531134134e5d590913baa6c92a2ddfd7c)
 2022-09-13 15:04:07 +08:00
hanchao
49fd00bdd2 golang: fix CVE-2022-32189 
Score: 6.5
Reference: https://go-review.googlesource.com/c/go/+/419814
Conflict: NA
Reason: fix CVE-2022-32189
(cherry picked from commit 6dd57444d5c99f2d24ba90f5b581eb41d3c7407a)
 2022-09-13 15:04:07 +08:00
hanchao
e90b790887 golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633, 
CVE-2022-30635,CVE-2022-30630,CVE-2022-30632,CVE-2022-28131,
CVE-2022-30631,CVE-2022-30629,CVE-2022-30634

Conflict: NA

Score:
CVE-2022-32148: 5.3
CVE-2022-1962:  6.2
CVE-2022-1705:  5.3
CVE-2022-30633: 6.2
CVE-2022-30635: 5.5
CVE-2022-30630: 6.2
CVE-2022-30632: 6.2
CVE-2022-28131: 6.2
CVE-2022-30631: 7.5
CVE-2022-30629: 2.6
CVE-2022-30634: 7.5

Reference:
CVE-2022-32148: https://go-review.googlesource.com/c/go/+/415221
CVE-2022-1962:	https://go-review.googlesource.com/c/go/+/417070
CVE-2022-1705:  https://go-review.googlesource.com/c/go/+/415217
CVE-2022-30633: https://go-review.googlesource.com/c/go/+/417069
CVE-2022-30635: https://go-review.googlesource.com/c/go/+/417074
CVE-2022-30630: https://go-review.googlesource.com/c/go/+/417072
CVE-2022-30632: https://go-review.googlesource.com/c/go/+/417073
CVE-2022-28131: https://go-review.googlesource.com/c/go/+/417068
CVE-2022-30631: https://go-review.googlesource.com/c/go/+/417071
CVE-2022-30629: https://go-review.googlesource.com/c/go/+/408574
CVE-2022-30634: https://go-review.googlesource.com/c/go/+/406635

Reason: fix CVE:
CVE-2022-32148: 0005-release-branch.go1.17-net-http-preserve-nil-values-i.patch
CVE-2022-1962:	0006-release-branch.go1.17-go-parser-limit-recursion-dept.patch
CVE-2022-1705:  0007-release-branch.go1.17-net-http-don-t-strip-whitespac.patch
CVE-2022-30633: 0008-release-branch.go1.17-encoding-xml-limit-depth-of-ne.patch
CVE-2022-30635: 0009-release-branch.go1.17-encoding-gob-add-a-depth-limit.patch
CVE-2022-30630: 0010-release-branch.go1.17-io-fs-fix-stack-exhaustion-in-.patch
CVE-2022-30632: 0011-release-branch.go1.17-path-filepath-fix-stack-exhaus.patch
CVE-2022-28131: 0012-release-branch.go1.17-encoding-xml-use-iterative-Ski.patch
CVE-2022-30631: 0013-release-branch.go1.17-compress-gzip-fix-stack-exhaus.patch
CVE-2022-30629: 0014-release-branch.go1.17-crypto-tls-randomly-generate-t.patch
CVE-2022-30634: 0015-release-branch.go1.17-crypto-rand-properly-handle-la.patch
(cherry picked from commit 40c91388a14ffca6efc7fc085165dece753b6da8)
 2022-09-13 15:04:07 +08:00
hubin
221035a0c9 backport patch to fix bug of golang plugin mode 
Signed-off-by: hubin <hubin73@huawei.com>
(cherry picked from commit e40a694498d46d2be02ce1add6a14d5d1fdf6987)
 2022-09-13 15:04:07 +08:00
hc
28ab46a770 update golang.spec. 
(cherry picked from commit 9ab15eb485c326d714d62ddf7518644149460885)
 2022-09-13 15:04:07 +08:00
hanchao
c087d808a3 fix CVE-2021-44717 
Conflict: NA
Score: 4.8
Reference: https://go-review.googlesource.com/c/go/+/370534
Reason: fix CVE-2021-44717

Signed-off-by: hanchao <hanchao47@huawei.com>
(cherry picked from commit 6f993c149e73653dae13ace07e524c29878dcea3)
 2022-09-13 15:04:07 +08:00
hanchao
2ef5441ce3 fix CVE-2022-28327,CVE-2022-24675 
Conflict: NA
Score: CVE-2022-28327:7.5,CVE-2022-24675:7.5
Reference: https://go-review.googlesource.com/c/go/+/397136,https://go-review.googlesource.com/c/go/+/399816
Reason: CVE-2022-28327,CVE-2022-24675
(cherry picked from commit 11457185219bd14f1bf975780e3ee066342ab9cb)
 2022-09-13 15:04:07 +08:00
openeuler-ci-bot
0a067a38d7 !58 upgrade to 1.17.3 
From: @jackchan8
Reviewed-by: @jing-rui,@duguhaotian
Signed-off-by: @duguhaotian,@jing-rui
 2021-11-30 12:31:04 +00:00
JackChan8
1c3997f3dc upgrade to 1.17.3 
Signed-off-by: JackChan8 <chenjiankun1@huawei.com>
 2021-11-21 03:33:14 +08:00
openeuler-ci-bot
8d3cd0f27c !32 golang: speed up build progress 
From: @DCCooper
Reviewed-by: @jing-rui
Signed-off-by: @jing-rui
 2021-04-16 09:36:45 +08:00
DCCooper
0953db6ef4 golang: speed up build progress 
Signed-off-by: DCCooper <1866858@gmail.com>
 2021-04-15 15:40:15 +08:00
openeuler-ci-bot
c049552c00 !22 Upgrade golang to 1.15.7 
From: @meilier
Reviewed-by: @jingxiaolu,@jing-rui
Signed-off-by: @jing-rui
 2021-01-29 08:58:58 +08:00
meilier
10a96e3391 golang: upgrade to 1.15.7 2021-01-28 20:44:14 +08:00
openeuler-ci-bot
352325f497 !17 Enable cgo for risc-v golang 
From: @riscv-spare
Reviewed-by: @jing-rui
Signed-off-by: @jing-rui
 2020-12-11 15:02:22 +08:00
rv_spare
7194175613 !1 all: add cgo support to the riscv port 
Merge pull request !1 from 杨演超/master
 2020-12-10 15:55:22 +08:00
yangyanchao
d4285b29c9 all:add cgo support to the riscv port 
Signed-off-by: yangyanchao <yangyanchao6@huawei.com>
 2020-12-07 15:06:43 +08:00
openeuler-ci-bot
8fc567dddc !16 Adapt for riscv64 and fix error in changelog 
From: @whoisxxx
Reviewed-by: @liqingqing_1229,@jing-rui
Signed-off-by: @jing-rui
 2020-11-30 14:53:56 +08:00
whoisxxx
09c818ff0c Fix error in changelog date 2020-11-28 13:22:42 +08:00
whoisxxx
42186258f0 Adapt for riscv-64 2020-11-28 13:20:11 +08:00
openeuler-ci-bot
72293a06dd !15 golang: upgrade to 1.15.5 
From: @zvier
Reviewed-by: @jing-rui
Signed-off-by: @jing-rui
 2020-11-18 10:58:21 +08:00
zvier
17b4faefc5 golang: upgrade to 1.15.5 
Signed-off-by: liuzekun <liuzekun@huawei.com>
 2020-11-18 10:16:36 +08:00
openeuler-ci-bot
2966fbf3da !12 golang: upgrade to 1.13.15 
Merge pull request !12 from Vanient/master
 2020-08-18 20:24:00 +08:00
xiadanni
6ad438669a golang: upgrade to 1.13.15 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2020-08-18 19:23:22 +08:00
openeuler-ci-bot
b96ea79f9c !11 golang: add yaml 
Merge pull request !11 from Vanient/master
 2020-07-31 15:11:19 +08:00
xiadanni
5820a98415 golang: add yaml 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2020-07-31 11:24:52 +08:00
openeuler-ci-bot
08a7c059f6 !10 golang: upgrade to 1.13.14 
Merge pull request !10 from Vanient/master
 2020-07-31 10:23:45 +08:00
xiadanni
52c05d8eb6 golang: upgrade to 1.13.14 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2020-07-31 09:27:27 +08:00
openeuler-ci-bot
282d90f4a9 !9 golang: bump version to 1.13.4 
Merge pull request !9 from Vanient/master
 2020-07-23 20:01:41 +08:00
xiadanni
e6fdab00b8 golang: bump to 1.13.4 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2020-07-23 19:40:56 +08:00
openeuler-ci-bot
3741a0e1b9 !7 golang: sync code with CVE and cleancode 
Merge pull request !7 from DCCooper/master
 2020-05-14 09:41:57 +08:00
DCCooper
deb13bfa9d golang: sync code with CVE and cleancode 
reason: 1. drop hard code cert
        2. rename tar name and make it same with upstream

Signed-off-by: DCCooper <1866858@gmail.com>
 2020-05-12 17:08:40 +08:00
openeuler-ci-bot
bec40e0404 !6 golang: fix cve CVE-2020-7919 
Merge pull request !6 from jing-rui/dev
 2020-04-16 15:19:29 +08:00
jingrui
d9ea2f312b golang: fix cve CVE-2020-7919 
Change-Id: I0c69fd3added6f82599c1cb9e4a1dbb02112de84
Signed-off-by: jingrui <jingrui@huawei.com>
 2020-04-16 16:22:51 +08:00
openeuler-ci-bot
e798eb3158 !4 golang: remove unused requires "mercurial" 
Merge pull request !4 from Grooooot/master
 2020-02-21 17:16:20 +08:00
Grooooot
03aa981a87 golang: remove unused requires "mercurial" 
Signed-off-by: Grooooot <isula@huawei.com>
 2020-02-20 18:22:53 +08:00
openeuler-ci-bot
c85faa0eb9 !3 golang: fix patch 0012 format 
Merge pull request !3 from Grooooot/master
 2020-01-10 16:00:35 +08:00
Grooooot
1ce9a9033f golang: fix patch 0012 format 
Signed-off-by: Grooooot <isula@huawei.com>
 2020-01-10 10:06:14 +08:00
openeuler-ci-bot
7c558b7cdd !2 golang: modification of spec 
Merge pull request !2 from Grooooot/master
 2020-01-09 16:40:20 +08:00
Grooooot
8b0d150421 runtime: use innermost frame's func name for async preemption check 
We don't asynchronously preempt if we are in the runtime. We do
this by checking the function name. However, it failed to take
inlining into account. If a runtime function gets inlined into
a non-runtime function, it can be preempted, and bad things can
happen. One instance of this is dounlockOSThread inlined into
UnlockOSThread which is in turn inlined into a non-runtime
function.

Fix this by using the innermost frame's function name.

Change-Id: Ifa036ce1320700aaaefd829b4bee0d04d05c395d
Reviewed-on: https://go-review.googlesource.com/c/go/+/211978
Run-TryBot: Cherry Zhang <cherryyz@google.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Austin Clements <austin@google.com>
Signed-off-by: Grooooot <isula@huawei.com>
 2020-01-08 15:04:53 +08:00
Grooooot
592bf09553 golang: modification of spec 
Signed-off-by: Grooooot <isula@huawei.com>
 2020-01-06 10:24:02 +08:00
openeuler-ci-bot
44eb8f78b5 !1 golang: modify source0 download address 
Merge pull request !1 from Grooooot/master
 2019-12-29 16:43:36 +08:00
openeuler-iSula
747b3d9598 golang: modify source0 download address 
Signed-off-by: openeuler-iSula <isula@huawei.com>
 2019-12-29 15:43:54 +08:00
dogsheng
ce820709f2 Package init 2019-12-25 15:47:08 +08:00