golang

Go to file

hanchao cfa27fd672 golang: fix CVE-2022-41716

Score: 7.5
Reference: https://go-review.googlesource.com/c/go/+/446916
Conflict: src/os/exec/exec.go;src/syscall/exec_windows.go
Reason: fix CVE-2022-41716
(cherry picked from commit 76ac33e67eb0a5b5dcde7bce38edda989149c158)

2022-11-21 11:41:35 +08:00

0001-release-branch.go1.17-crypto-elliptic-tolerate-zero-.patch

fix CVE-2022-28327,CVE-2022-24675

2022-09-13 15:04:07 +08:00

0002-release-branch.go1.17-encoding-pem-fix-stack-overflo.patch

fix CVE-2022-28327,CVE-2022-24675

2022-09-13 15:04:07 +08:00

0003-release-branch.go1.17-syscall-fix-ForkLock-spurious-.patch

fix CVE-2021-44717

2022-09-13 15:04:07 +08:00

0004-backport-cmd-link-mark-unexported-methods-for-plugins.patch

backport patch to fix bug of golang plugin mode

2022-09-13 15:04:07 +08:00

0005-release-branch.go1.17-net-http-preserve-nil-values-i.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0006-release-branch.go1.17-go-parser-limit-recursion-dept.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0007-release-branch.go1.17-net-http-don-t-strip-whitespac.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0008-release-branch.go1.17-encoding-xml-limit-depth-of-ne.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0009-release-branch.go1.17-encoding-gob-add-a-depth-limit.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0010-release-branch.go1.17-io-fs-fix-stack-exhaustion-in-.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0011-release-branch.go1.17-path-filepath-fix-stack-exhaus.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0012-release-branch.go1.17-encoding-xml-use-iterative-Ski.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0013-release-branch.go1.17-compress-gzip-fix-stack-exhaus.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0014-release-branch.go1.17-crypto-tls-randomly-generate-t.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0015-release-branch.go1.17-crypto-rand-properly-handle-la.patch

golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,

2022-09-13 15:04:07 +08:00

0016-release-branch.go1.17-math-big-check-buffer-lengths-.patch

golang: fix CVE-2022-32189

2022-09-13 15:04:07 +08:00

0017-path-filepath-do-not-remove-prefix-.-when-following-.patch

golang: fix CVE-2022-29804,CVE-2022-29526

2022-09-13 15:04:07 +08:00

0018-release-branch.go1.17-syscall-check-correct-group-in.patch

golang: fix CVE-2022-29804,CVE-2022-29526

2022-09-13 15:04:07 +08:00

0019-release-branch.go1.18-net-http-update-bundled-golang.patch

golang: fix CVE-2022-27664

2022-09-15 14:53:12 +08:00

0020-release-branch.go1.18-regexp-limit-size-of-parsed-re.patch

golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879

2022-10-12 17:40:44 +08:00

0021-release-branch.go1.18-net-http-httputil-avoid-query-.patch

golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879

2022-10-12 17:40:44 +08:00

0022-release-branch.go1.18-archive-tar-limit-size-of-head.patch

golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879

2022-10-12 17:40:44 +08:00

0023-syscall-os-exec-reject-environment-variables-contain.patch

golang: fix CVE-2022-41716

2022-11-21 11:41:35 +08:00

go1.17.3.src.tar.gz

upgrade to 1.17.3

2021-11-21 03:33:14 +08:00

golang.spec

golang: fix CVE-2022-41716

2022-11-21 11:41:35 +08:00

golang.yaml

golang: add yaml

2020-07-31 11:24:52 +08:00