<revisionlist>

  <revision rev="1" vrev="1">

    <srcmd5>f7bac58ac37aab23969bab5b786ff589</srcmd5>

    <version>1.17.1</version>

    <time>1632173592</time>

    <user>dimstar_suse</user>

    <comment>New package go1.17 version go1.17.1.</comment>

    <requestid>920225</requestid>

  </revision>

  <revision rev="2" vrev="1">

    <srcmd5>203cffa4ce24e47deb9ba075a8c830dc</srcmd5>

    <version>1.17.2</version>

    <time>1633963720</time>

    <user>dimstar_suse</user>

    <comment>- go1.17.2 (released 2021-10-07) includes a security fix to the

  linker and misc/wasm directory, as well as bug fixes to the

  compiler, the runtime, the go command, and to the time and

  text/template packages.

  Refs boo#1190649 go1.17 release tracking

  CVE-2021-38297

  * boo#1191468 go#48797 CVE-2021-38297

  * go#48800 security: fix CVE-2021-38297 misc/wasm, cmd/link: do not let command line args overwrite global data

  * go#48561 cmd/compile: unsafe.Add bug when adding uint8 value to a pointer

  * go#48444 text/template: should t.init() be executed before t.muTmpl.Lock() in AddParseTree() method?

  * go#48177 time: output does not respect comma as millisecond separator

  * go#47859 time: timer reset sometimes ignored, causing delayed ticks

  * go#47756 cmd/go: mod tidy -go=1.17 should move indirect dependencies to the second require part (forwarded request 924124 from jfkw)</comment>

    <requestid>924126</requestid>

  </revision>

  <revision rev="3" vrev="1">

    <srcmd5>b994b05e17c760c64b8111eb9d0fb0ec</srcmd5>

    <version>1.17.3</version>

    <time>1636218909</time>

    <user>dimstar_suse</user>

    <comment>- go1.17.3 (released 2021-11-04) includes security fixes to the

  archive/zip and debug/macho packages, as well as bug fixes to the

  compiler, linker, runtime, the go command, the misc/wasm

  directory, and to the net/http and syscall packages.

  Refs boo#1190649 go1.17 release tracking

  CVE-2021-41771 CVE-2021-41772

  * boo#1192377 go#48990 CVE-2021-41771

  * go#48992 debug/macho: invalid dynamic symbol table command can cause panic

  * boo#1192378 go#48085 CVE-2021-41772

  * go#48252 archive/zip: Reader.Open panics on empty string

  * go#49199 cmd/go: go list all breaks in //go:build-only repos

  * go#49154 misc/wasm, cmd/link: Go 1.17.2 causes WASM builds to throw command line too long with many environment variables

  * go#49086 cmd/link: -buildmode=pie -linkshared panic at runtime

  * go#49077 x/net/http2: backport critical fixes

  * go#49010 net,runtime: apparent deadlock in (*net.conn).Close and runtime.netpollblock on arm64 platforms

  * go#48823 x/net/http2: client can hang forever if headers' size exceeds connection's buffer size and server hangs past request time

  * go#48650 x/net/http2: pool deadlock

  * go#48479 cmd/compile: 64 bits shifts on arm get wrong results

  * go#48475 cmd/compile: incorrect arm/arm64 simplification rules

  * go#48075 syscall: SysProcAttr{ NoInheritHandles: true } broken in 1.17 on Windows (forwarded request 929548 from jfkw)</comment>

    <requestid>929550</requestid>

  </revision>

  <revision rev="4" vrev="1">

    <srcmd5>28d2d496d3ffd5c547c19c2b81d93387</srcmd5>

    <version>1.17.4</version>

    <time>1638831546</time>

    <user>dimstar_suse</user>

    <comment>- go1.17.4 (released 2021-12-02) includes fixes to the compiler,

  linker, runtime, and the go/types, net/http, and time packages.

  Refs boo#1190649 go1.17 release tracking

  * go#49911 x/net/http2: frequent failures in TestClientConnCloseAtBody

  * go#49909 x/net/ipv6: TestPacketConnReadWriteMulticast{UDP,ICMP} failing with "i/o timeout" on OpenBSD 6.8 and 7.0

  * go#49905 x/net/http2: Client doesn't send body until ExpectContinueTimeout expires

  * go#49868 syscall: ntdll.dll errors in rtlGetNtVersionNumbers via os.StartProcess

  * go#49729 runtime: "fatal error: unexpected signal during runtime execution" in cmd/go tests on darwin-amd64-race running macOS 12.0

  * go#49662 x/net/http2: TestUnreadFlowControlReturned_Server failures with stream error "NO_ERROR" since 2021-10-05

  * go#49624 net/http: Possible HTTP/2 busy loop regression in Go 1.17.3

  * go#49568 net/http: server responds with Transfer-Encoding: identity

  * go#49561 x/net/http2: setting Request.Close doesn't close TCP connections

  * go#49559 net/http: HTTP/2 response body Close method sometimes returns spurious context cancelation error (1.17.3 regression)

  * go#49511 cmd/compile: init info of OAS node in a select case is being dropped

  * go#49479 runtime: "morestack on g0" in x/perf/storage/app on windows/arm64

  * go#49407 time: ParseInLocation error

  * go#49392 cmd/compile: internal compiler error: Expand calls interface data problem

  * go#49369 runtime: time goes backwards on windows-arm64 (frequent TestGcLastTime failures)

  * go#49129 cmd/compile: internal compiler error: can't find source for b12->b4: v31 = MOVBload <bool> v14 v1 : DX

  * go#48825 go/types, types2: stack overflow in hasVarSize for invalid type (forwarded request 935320 from jfkw)</comment>

    <requestid>935322</requestid>

  </revision>

  <revision rev="5" vrev="1">

    <srcmd5>249782657523205d6fc4799475690adb</srcmd5>

    <version>1.17.5</version>

    <time>1639340827</time>

    <user>dimstar_suse</user>

    <comment>- go1.17.5 (released 2021-12-09) includes security fixes to the

  syscall and net/http packages.

  Refs boo#1190649 go1.17 release tracking

  CVE-2021-44716 CVE-2021-44717

  * boo#1193598 go#50057 CVE-2021-44717

  * go#50067 syscall: don’t close fd 0 on ForkExec error

  * boo#1193597 go#50058 CVE-2021-44716

  * go#50065 net/http: limit growth of header canonicalization cache (forwarded request 938745 from jfkw)</comment>

    <requestid>938755</requestid>

  </revision>

  <revision rev="6" vrev="1">

    <srcmd5>de3949eaf1f2584513c348bbbc325572</srcmd5>

    <version>1.17.6</version>

    <time>1641680587</time>

    <user>dimstar_suse</user>

    <comment>- go1.17.6 (released 2022-01-06) includes fixes to the compiler,

  linker, runtime, and the crypto/x509, net/http, and reflect

  packages.

  Refs boo#1190649 go1.17 release tracking

  * go#50165 crypto/x509: error parsing large ASN.1 identifiers

  * go#50073 runtime: race detector SIGABRT or SIGSEGV on macOS Monterey

  * go#49961 reflect: segmentation violation while using html/template

  * go#49921 x/net/http2: http.Server.WriteTimeout does not fire if the http2 stream's window is out of space.

  * go#49413 cmd/compile: internal compiler error: Op...LECall and OpDereference have mismatched mem

  * go#48116 runtime: mallocs cause "base outside usable address space" panic when running on iOS 14 (forwarded request 944560 from jfkw)</comment>

    <requestid>944562</requestid>

  </revision>

  <revision rev="7" vrev="1">

    <srcmd5>e696433d57eec50fe3abd32e88163965</srcmd5>

    <version>1.17.7</version>

    <time>1644778237</time>

    <user>dimstar_suse</user>

    <comment>- go1.17.7 (released 2022-02-10) includes security fixes to the

  crypto/elliptic, math/big packages and to the go command, as well

  as bug fixes to the compiler, linker, runtime, the go command,

  and the debug/macho, debug/pe, and net/http/httptest packages.

  Refs boo#1190649 go1.17 release tracking

  CVE-2022-23806 CVE-2022-23772 CVE-2022-23773

  * boo#1195838 go#50974 CVE-2022-23806

  * go#50978 crypto/elliptic: IsOnCurve returns true for invalid field elements

  * boo#1195835 go#50699 CVE-2022-23772

  * go#50701 math/big: Rat.SetString may consume large amount of RAM and crash

  * boo#1195834 go#35671 CVE-2022-23773

  * go#50687 cmd/go: do not treat branches with semantic-version names as releases

  * go#50942 cmd/asm: "compile: loop" compiler bug?

  * go#50867 cmd/compile: incorrect use of CMN on arm64

  * go#50812 cmd/go: remove bitbucket VCS probing

  * go#50781 runtime: incorrect frame information in traceback traversal may hang the process.

  * go#50722 debug/pe: reading debug_info section of PE files that use the DWARF5 form DW_FORM_line_strp causes error

  * go#50683 cmd/compile: MOVWreg missing sign-extension following a Copy from a floating-point LoadReg

  * go#50586 net/http/httptest: add fipsonly compliant certificate in for NewTLSServer(), for dev.boringcrypto branch

  * go#50297 cmd/link: does not set section type of .init_array correctly

  * go#50246 runtime: intermittent os/exec.Command.Start() Hang on Darwin in Presence of "plugin" Package (forwarded request 953823 from jfkw)</comment>

    <requestid>953825</requestid>

  </revision>

</revisionlist>