Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package go1.16 for openSUSE:Factory checked in at 2022-02-13 19:50:36 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/go1.16 (Old) and /work/SRC/openSUSE:Factory/.go1.16.new.1956 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "go1.16" Sun Feb 13 19:50:36 2022 rev:17 rq:953824 version:1.16.14 Changes: -------- --- /work/SRC/openSUSE:Factory/go1.16/go1.16.changes 2022-01-08 23:23:12.590211592 +0100 +++ /work/SRC/openSUSE:Factory/.go1.16.new.1956/go1.16.changes 2022-02-13 19:50:56.950197744 +0100 @@ -1,0 +2,26 @@ +Thu Feb 10 23:46:55 UTC 2022 - Jeff Kowalczyk <jkowalc...@suse.com> + +- go1.16.14 (released 2022-02-10) includes security fixes to the + crypto/elliptic, math/big packages and to the go command, as well + as bug fixes to the compiler, linker, runtime, the go command, + and the debug/macho, debug/pe, net/http/httptest, and testing + packages. + Refs boo#1182345 go1.16 release tracking + CVE-2022-23806 CVE-2022-23772 CVE-2022-23773 + * boo#1195838 go#50974 CVE-2022-23806 + * go#50977 crypto/elliptic: IsOnCurve returns true for invalid field elements + * boo#1195835 go#50699 CVE-2022-23772 + * go#50700 math/big: Rat.SetString may consume large amount of RAM and crash + * boo#1195834 go#35671 CVE-2022-23773 + * go#50686 cmd/go: do not treat branches with semantic-version names as releases + * go#50866 cmd/compile: incorrect use of CMN on arm64 + * go#50832 runtime/race: NoRaceMutexPureHappensBefore failures + * go#50811 cmd/go: remove bitbucket VCS probing + * go#50780 runtime: incorrect frame information in traceback traversal may hang the process. + * go#50721 debug/pe: reading debug_info section of PE files that use the DWARF5 form DW_FORM_line_strp causes error + * go#50682 cmd/compile: MOVWreg missing sign-extension following a Copy from a floating-point LoadReg + * go#50645 testing: surprising interaction of subtests with TempDir + * go#50585 net/http/httptest: add fipsonly compliant certificate in for NewTLSServer(), for dev.boringcrypto branch + * go#50245 runtime: intermittent os/exec.Command.Start() Hang on Darwin in Presence of "plugin" Package + +------------------------------------------------------------------- Old: ---- go1.16.13.src.tar.gz New: ---- go1.16.14.src.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ go1.16.spec ++++++ --- /var/tmp/diff_new_pack.Yq4Ql9/_old 2022-02-13 19:50:57.534199300 +0100 +++ /var/tmp/diff_new_pack.Yq4Ql9/_new 2022-02-13 19:50:57.542199322 +0100 @@ -135,7 +135,7 @@ %endif Name: go1.16 -Version: 1.16.13 +Version: 1.16.14 Release: 0 Summary: A compiled, garbage-collected, concurrent programming language License: BSD-3-Clause ++++++ go1.16.13.src.tar.gz -> go1.16.14.src.tar.gz ++++++ /work/SRC/openSUSE:Factory/go1.16/go1.16.13.src.tar.gz /work/SRC/openSUSE:Factory/.go1.16.new.1956/go1.16.14.src.tar.gz differ: char 142, line 1
