f7bac58ac37aab23969bab5b786ff589 1.17.1 1632173592 dimstar_suse New package go1.17 version go1.17.1. 920225 203cffa4ce24e47deb9ba075a8c830dc 1.17.2 1633963720 dimstar_suse - go1.17.2 (released 2021-10-07) includes a security fix to the linker and misc/wasm directory, as well as bug fixes to the compiler, the runtime, the go command, and to the time and text/template packages. Refs boo#1190649 go1.17 release tracking CVE-2021-38297 * boo#1191468 go#48797 CVE-2021-38297 * go#48800 security: fix CVE-2021-38297 misc/wasm, cmd/link: do not let command line args overwrite global data * go#48561 cmd/compile: unsafe.Add bug when adding uint8 value to a pointer * go#48444 text/template: should t.init() be executed before t.muTmpl.Lock() in AddParseTree() method? * go#48177 time: output does not respect comma as millisecond separator * go#47859 time: timer reset sometimes ignored, causing delayed ticks * go#47756 cmd/go: mod tidy -go=1.17 should move indirect dependencies to the second require part (forwarded request 924124 from jfkw) 924126 b994b05e17c760c64b8111eb9d0fb0ec 1.17.3 1636218909 dimstar_suse - go1.17.3 (released 2021-11-04) includes security fixes to the archive/zip and debug/macho packages, as well as bug fixes to the compiler, linker, runtime, the go command, the misc/wasm directory, and to the net/http and syscall packages. Refs boo#1190649 go1.17 release tracking CVE-2021-41771 CVE-2021-41772 * boo#1192377 go#48990 CVE-2021-41771 * go#48992 debug/macho: invalid dynamic symbol table command can cause panic * boo#1192378 go#48085 CVE-2021-41772 * go#48252 archive/zip: Reader.Open panics on empty string * go#49199 cmd/go: go list all breaks in //go:build-only repos * go#49154 misc/wasm, cmd/link: Go 1.17.2 causes WASM builds to throw command line too long with many environment variables * go#49086 cmd/link: -buildmode=pie -linkshared panic at runtime * go#49077 x/net/http2: backport critical fixes * go#49010 net,runtime: apparent deadlock in (*net.conn).Close and runtime.netpollblock on arm64 platforms * go#48823 x/net/http2: client can hang forever if headers' size exceeds connection's buffer size and server hangs past request time * go#48650 x/net/http2: pool deadlock * go#48479 cmd/compile: 64 bits shifts on arm get wrong results * go#48475 cmd/compile: incorrect arm/arm64 simplification rules * go#48075 syscall: SysProcAttr{ NoInheritHandles: true } broken in 1.17 on Windows (forwarded request 929548 from jfkw) 929550 28d2d496d3ffd5c547c19c2b81d93387 1.17.4 1638831546 dimstar_suse - go1.17.4 (released 2021-12-02) includes fixes to the compiler, linker, runtime, and the go/types, net/http, and time packages. Refs boo#1190649 go1.17 release tracking * go#49911 x/net/http2: frequent failures in TestClientConnCloseAtBody * go#49909 x/net/ipv6: TestPacketConnReadWriteMulticast{UDP,ICMP} failing with "i/o timeout" on OpenBSD 6.8 and 7.0 * go#49905 x/net/http2: Client doesn't send body until ExpectContinueTimeout expires * go#49868 syscall: ntdll.dll errors in rtlGetNtVersionNumbers via os.StartProcess * go#49729 runtime: "fatal error: unexpected signal during runtime execution" in cmd/go tests on darwin-amd64-race running macOS 12.0 * go#49662 x/net/http2: TestUnreadFlowControlReturned_Server failures with stream error "NO_ERROR" since 2021-10-05 * go#49624 net/http: Possible HTTP/2 busy loop regression in Go 1.17.3 * go#49568 net/http: server responds with Transfer-Encoding: identity * go#49561 x/net/http2: setting Request.Close doesn't close TCP connections * go#49559 net/http: HTTP/2 response body Close method sometimes returns spurious context cancelation error (1.17.3 regression) * go#49511 cmd/compile: init info of OAS node in a select case is being dropped * go#49479 runtime: "morestack on g0" in x/perf/storage/app on windows/arm64 * go#49407 time: ParseInLocation error * go#49392 cmd/compile: internal compiler error: Expand calls interface data problem * go#49369 runtime: time goes backwards on windows-arm64 (frequent TestGcLastTime failures) * go#49129 cmd/compile: internal compiler error: can't find source for b12->b4: v31 = MOVBload <bool> v14 v1 : DX * go#48825 go/types, types2: stack overflow in hasVarSize for invalid type (forwarded request 935320 from jfkw) 935322 249782657523205d6fc4799475690adb 1.17.5 1639340827 dimstar_suse - go1.17.5 (released 2021-12-09) includes security fixes to the syscall and net/http packages. Refs boo#1190649 go1.17 release tracking CVE-2021-44716 CVE-2021-44717 * boo#1193598 go#50057 CVE-2021-44717 * go#50067 syscall: don’t close fd 0 on ForkExec error * boo#1193597 go#50058 CVE-2021-44716 * go#50065 net/http: limit growth of header canonicalization cache (forwarded request 938745 from jfkw) 938755 de3949eaf1f2584513c348bbbc325572 1.17.6 1641680587 dimstar_suse - go1.17.6 (released 2022-01-06) includes fixes to the compiler, linker, runtime, and the crypto/x509, net/http, and reflect packages. Refs boo#1190649 go1.17 release tracking * go#50165 crypto/x509: error parsing large ASN.1 identifiers * go#50073 runtime: race detector SIGABRT or SIGSEGV on macOS Monterey * go#49961 reflect: segmentation violation while using html/template * go#49921 x/net/http2: http.Server.WriteTimeout does not fire if the http2 stream's window is out of space. * go#49413 cmd/compile: internal compiler error: Op...LECall and OpDereference have mismatched mem * go#48116 runtime: mallocs cause "base outside usable address space" panic when running on iOS 14 (forwarded request 944560 from jfkw) 944562 e696433d57eec50fe3abd32e88163965 1.17.7 1644778237 dimstar_suse - go1.17.7 (released 2022-02-10) includes security fixes to the crypto/elliptic, math/big packages and to the go command, as well as bug fixes to the compiler, linker, runtime, the go command, and the debug/macho, debug/pe, and net/http/httptest packages. Refs boo#1190649 go1.17 release tracking CVE-2022-23806 CVE-2022-23772 CVE-2022-23773 * boo#1195838 go#50974 CVE-2022-23806 * go#50978 crypto/elliptic: IsOnCurve returns true for invalid field elements * boo#1195835 go#50699 CVE-2022-23772 * go#50701 math/big: Rat.SetString may consume large amount of RAM and crash * boo#1195834 go#35671 CVE-2022-23773 * go#50687 cmd/go: do not treat branches with semantic-version names as releases * go#50942 cmd/asm: "compile: loop" compiler bug? * go#50867 cmd/compile: incorrect use of CMN on arm64 * go#50812 cmd/go: remove bitbucket VCS probing * go#50781 runtime: incorrect frame information in traceback traversal may hang the process. * go#50722 debug/pe: reading debug_info section of PE files that use the DWARF5 form DW_FORM_line_strp causes error * go#50683 cmd/compile: MOVWreg missing sign-extension following a Copy from a floating-point LoadReg * go#50586 net/http/httptest: add fipsonly compliant certificate in for NewTLSServer(), for dev.boringcrypto branch * go#50297 cmd/link: does not set section type of .init_array correctly * go#50246 runtime: intermittent os/exec.Command.Start() Hang on Darwin in Presence of "plugin" Package (forwarded request 953823 from jfkw) 953825