commit go1.12 for openSUSE:Factory

root Fri, 23 Aug 2019 02:05:13 -0700

Hello community,

here is the log from the commit of package go1.12 for openSUSE:Factory checked 
in at 2019-08-23 11:04:00
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/go1.12 (Old)
 and      /work/SRC/openSUSE:Factory/.go1.12.new.7948 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "go1.12"

Fri Aug 23 11:04:00 2019 rev:11 rq:724681 version:1.12.9

Changes:
--------
--- /work/SRC/openSUSE:Factory/go1.12/go1.12.changes    2019-08-15 
12:27:56.338568194 +0200
+++ /work/SRC/openSUSE:Factory/.go1.12.new.7948/go1.12.changes  2019-08-23 
11:04:11.282507661 +0200
@@ -1,0 +2,12 @@
+Thu Aug 15 23:44:35 UTC 2019 - Jeff Kowalczyk <jkowalc...@suse.com>
+
+- go1.12.9 (released 2019/08/15) includes fixes to the linker and
+  the os and math/big packages.
+  Refs boo#1141689.
+  * go#33557 cmd/link: stack depth check too shallow
+  * go#33424 os.RemoveAll: openFdAt function without O_CLOEXEC and cause fd 
escape to child process
+  * go#33040 cmd/link: missing section for relocation target
+  * go#32940 math/big: arm64 assembly code for shlVU is incorrect
+  * go#30401 doc: syscall: document Setrlimit behavior change on Go 1.12 on 
macOS
+
+-------------------------------------------------------------------
@@ -5 +17 @@
-  net/http and net/url packages addressing:
+  net/http and net/url packages addressing CVEs:
@@ -7,0 +20,3 @@
+  * bnc#1146111 VUL-0: CVE-2019-9512: go: HTTP/2: flood using PING frames 
results in unbounded memory growth
+  * bnc#1146115 VUL-0: CVE-2019-9514: go: HTTP/2 implementation is vulnerable 
to a reset flood, potentially leading to a denial of service
+  * bnc#1146123 VUL-0: CVE-2019-14809: go: malformed hosts in URLs leads to 
authorization bypass

Old:
----
  go1.12.8.src.tar.gz

New:
----
  go1.12.9.src.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ go1.12.spec ++++++
--- /var/tmp/diff_new_pack.zMsgrr/_old  2019-08-23 11:04:13.014507379 +0200
+++ /var/tmp/diff_new_pack.zMsgrr/_new  2019-08-23 11:04:13.018507379 +0200
@@ -119,7 +119,7 @@
 %endif
 
 Name:           go1.12
-Version:        1.12.8
+Version:        1.12.9
 Release:        0
 Summary:        A compiled, garbage-collected, concurrent programming language
 License:        BSD-3-Clause

++++++ go1.12.8.src.tar.gz -> go1.12.9.src.tar.gz ++++++
/work/SRC/openSUSE:Factory/go1.12/go1.12.8.src.tar.gz 
/work/SRC/openSUSE:Factory/.go1.12.new.7948/go1.12.9.src.tar.gz differ: char 
15, line 1

commit go1.12 for openSUSE:Factory

Reply via email to