Path to this page:
Next | Query returned 7 messages, browsing 1 to 10 | previous
CVS Commit History:
2024-12-04 19:51:39 by Benny Siegert | Files touched by this commit (4) |
Log message:
Update Go to 1.22.10, 1.23.4
go1.23.4 (released 2024-12-03) includes fixes to the compiler, the runtime, the
trace command, and the syscall package. See the Go 1.23.4 milestone on our
issue tracker for details.
go1.22.10 (released 2024-12-03) includes fixes to the runtime and the syscall
package. See the Go 1.22.10 milestone on our issue tracker for details.
|
2024-11-22 11:50:38 by Thomas Klausner | Files touched by this commit (1) |
Log message:
go123: remove traces of GOROOT_FINAL
(didn't help after all, removed in 1.23)
|
2024-11-22 08:49:50 by Thomas Klausner | Files touched by this commit (1) |
Log message:
go123: set GOROOT_FINAL
Fixes binary for me on NetBSD 10.
|
2024-11-22 08:35:27 by Thomas Klausner | Files touched by this commit (1) |
Log message:
go123: remove reference to non-existent files
|
2024-11-08 20:46:59 by Benny Siegert | Files touched by this commit (5) | |
Log message:
go: update to 1.22.9 and 1.23.2.
go1.23.3 (released 2024-11-06) includes fixes to the linker, the runtime, and
the net/http, os, and syscall packages. See the Go 1.23.3 milestone on our
issue tracker for details.
go1.22.9 (released 2024-11-06) includes fixes to the linker. See the Go 1.22.9
milestone on our issue tracker for details.
|
2024-10-03 17:41:01 by Benny Siegert | Files touched by this commit (6) | |
Log message:
go: update go123 to 1.23.2 and go122 to 1.22.8.
go1.23.2 (released 2024-10-01) includes fixes to the compiler, cgo, the
runtime, and the maps, os, os/exec, time, and unique packages. See the Go
1.23.2 milestone on our issue tracker for details.
go1.22.8 (released 2024-10-01) includes fixes to cgo, and the maps and syscall
packages. See the Go 1.22.8 milestone on our issue tracker for details.
|
2024-09-06 20:38:23 by Benny Siegert | Files touched by this commit (3) | |
Log message:
go123: update to 1.23.1
This minor release includes 3 security fixes following the security policy:
go/parser: stack exhaustion in all Parse* functions
Calling any of the Parse functions on Go source code which contains deeply \
nested literals can cause a panic due to stack exhaustion.
This is CVE-2024-34155 and Go issue https://go.dev/issue/69138.
encoding/gob: stack exhaustion in Decoder.Decode
Calling Decoder.Decode on a message which contains deeply nested structures can \
cause a panic due to stack exhaustion.
This is a follow-up to CVE-2022-30635.
Thanks to Md Sakib Anwar of The Ohio State University (anwar.40@osu.edu) for \
reporting this issue.
This is CVE-2024-34156 and Go issue https://go.dev/issue/69139.
go/build/constraint: stack exhaustion in Parse
Calling Parse on a "// +build" build tag line with deeply nested \
expressions can cause a panic due to stack exhaustion.
This is CVE-2024-34158 and Go issue https://go.dev/issue/69141.
|
Next | Query returned 7 messages, browsing 1 to 10 | previous