golang

Author	SHA1	Message	Date
hanchao	eeeca13a95	golang: fix CVE-2022-29804,CVE-2022-29526 Score: CVE-2022-29804: 7.5, CVE-2022-29526: 5.3 Reference: https://go-review.googlesource.com/c/go/+/401595/, https://go-review.googlesource.com/c/go/+/401078/ Conflict: NA Reason: fix CVE-2022-29804,CVE-2022-29526	2022-08-18 20:02:38 +08:00
openeuler-ci-bot	4fe4d4bc51	!107 golang: fix CVE-2022-32189 From: @hcnbxx Reviewed-by: @zhangsong234, @jing-rui Signed-off-by: @jing-rui	2022-08-09 09:35:38 +00:00
hanchao	d95195796d	golang: fix CVE-2022-32189 Score: 6.5 Reference: https://go-review.googlesource.com/c/go/+/419814 Conflict: NA Reason: fix CVE-2022-32189	2022-08-08 19:30:34 +08:00
openeuler-ci-bot	935d47607c	!102 golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,CVE-2022-30635,CVE-2022-30632,CVE-2022-28131,CVE-2022-30631,CVE-2022-30629,CVE-2022-30634 From: @hcnbxx Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2022-07-28 01:34:21 +00:00
hanchao	4eff8aee0d	golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633, CVE-2022-30635,CVE-2022-30632,CVE-2022-28131, CVE-2022-30631,CVE-2022-30629,CVE-2022-30634 Conflict: CVE-2022-1962: src/go/parser/parser.go CVE-2022-1705: src/net/http/transfer.go CVE-2022-30634: src/crypto/rand/rand.go, src/crypto/rand/rand_windows.go Score: CVE-2022-32148: 5.3 CVE-2022-1962: 6.2 CVE-2022-1705: 5.3 CVE-2022-30633: 6.2 CVE-2022-30635: 5.5 CVE-2022-30632: 6.2 CVE-2022-28131: 6.2 CVE-2022-30631: 7.5 CVE-2022-30629: 2.6 CVE-2022-30634: 7.5 Reference: CVE-2022-32148: https://go-review.googlesource.com/c/go/+/415221 CVE-2022-1962: https://go-review.googlesource.com/c/go/+/417070 CVE-2022-1705: https://go-review.googlesource.com/c/go/+/415217 CVE-2022-30633: https://go-review.googlesource.com/c/go/+/417069 CVE-2022-30635: https://go-review.googlesource.com/c/go/+/417074 CVE-2022-30632: https://go-review.googlesource.com/c/go/+/417073 CVE-2022-28131: https://go-review.googlesource.com/c/go/+/417068 CVE-2022-30631: https://go-review.googlesource.com/c/go/+/417071 CVE-2022-30629: https://go-review.googlesource.com/c/go/+/408574 CVE-2022-30634: https://go-review.googlesource.com/c/go/+/406635 Reason: fix CVE CVE-2022-32148: 0064-release-branch.go1.17-net-http-preserve-nil-values-i.patch CVE-2022-1962: 0065-release-branch.go1.17-go-parser-limit-recursion-dept.patch CVE-2022-1705: 0066-release-branch.go1.17-net-http-don-t-strip-whitespac.patch CVE-2022-30633: 0067-release-branch.go1.17-encoding-xml-limit-depth-of-ne.patch CVE-2022-30635: 0068-release-branch.go1.17-encoding-gob-add-a-depth-limit.patch CVE-2022-30632: 0069-release-branch.go1.17-path-filepath-fix-stack-exhaus.patch CVE-2022-28131: 0070-release-branch.go1.17-encoding-xml-use-iterative-Ski.patch CVE-2022-30631: 0071-release-branch.go1.17-compress-gzip-fix-stack-exhaus.patch CVE-2022-30629: 0072-release-branch.go1.17-crypto-tls-randomly-generate-t.patch CVE-2022-30634: 0073-release-branch.go1.17-crypto-rand-properly-handle-la.patch	2022-07-27 23:11:25 +08:00
openeuler-ci-bot	d4f214f4dc	!93 fix CVE-2021-44717 From: @hcnbxx Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2022-05-16 07:54:57 +00:00
hanchao	ad5e33b97b	fix CVE-2021-44717 Conflict: NA Score: CVE-2021-44717:4.5 Reference: https://go-review.googlesource.com/c/go/+/370514 Reason: fix CVE-2021-44717 Signed-off-by: hanchao <hanchao47@huawei.com>	2022-05-16 15:03:09 +08:00
openeuler-ci-bot	91c5faf5e9	!90 fix CVE-2022-28327,CVE-2022-24675 From: @hcnbxx Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2022-05-13 09:44:19 +00:00
hanchao	90fce58fce	fix CVE-2022-28327,CVE-2022-24675 Conflict: NA Score: CVE-2022-28327:7.5,CVE-2022-24675:7.5 Reference: https://go-review.googlesource.com/c/go/+/397136,https://go-review.googlesource.com/c/go/+/399816 Reason: fix CVE-2022-28327,CVE-2022-24675	2022-05-12 10:59:10 +08:00
openeuler-ci-bot	a1133548ce	!82 fix CVE-2022-23773 From: @hcnbxx Reviewed-by: @jing-rui, @jackchan8 Signed-off-by: @jing-rui	2022-03-28 07:28:22 +00:00
hanchao	abeaca7a73	fix CVE-2022-23773 Conflict:src/cmd/go/internal/modfetch/coderepo.go;src/cmd/go/internal/modfetch/coderepo_test.go Score:CVE-2022-23773:7.5 Reference:https://go-review.googlesource.com/c/go/+/378400/ Reason:fix CVE-2022-23773	2022-03-24 11:35:33 +08:00
openeuler-ci-bot	0c7844d8fc	!81 fix CVE-2022-24921 From: @hcnbxx Reviewed-by: @jackchan8, @jing-rui Signed-off-by: @jing-rui	2022-03-16 01:51:01 +00:00
hanchao	7f42874389	fix CVE-2022-24921 Reference:https://go-review.googlesource.com/c/go/+/384855/ Conflict:NA Score:CVE-2022-24921:7.5 Reason:fix CVE-2022-24921	2022-03-14 15:59:38 +08:00
openeuler-ci-bot	1920295134	!76 fix CVE-2022-23772;CVE-2022-23806 From: @hcnbxx Reviewed-by: @jackchan8, @jing-rui Signed-off-by: @jing-rui	2022-03-11 06:51:06 +00:00
hanchao	2b2e619ed0	fix CVE-2022-23772 CVE-2022-23806 Reference:https://go-review.googlesource.com/c/go/+/382835;https://go-review.googlesource.com/c/go/+/381336;https://go-review.googlesource.com/c/go/+/382854 Conflict:NA Score:CVE-2022-23772:7.5 CVE-2022-23806:9.1 Reason:fix CVE-2022-23772 CVE-2022-23806	2022-03-05 16:42:40 +08:00
openeuler-ci-bot	76377cc07b	!71 fix CVE-2021-41771 From: @hcnbxx Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2022-03-02 03:48:09 +00:00
hanchao	61db6bd4b4	fix CVE-2021-41771	2022-03-02 11:38:36 +08:00
openeuler-ci-bot	162f86bf27	!70 fix CVE-2021-39293 Merge pull request !70 from hc/openEuler-20.03-LTS-SP3	2022-02-08 11:18:10 +00:00
hanchao	edc2d98d59	fix CVE-2021-39293 Signed-off-by: hanchao <hanchao47@huawei.com>	2022-02-08 11:07:36 +08:00
openeuler-ci-bot	4e6cb8cc04	!65 fix CVE-2021-44716 Merge pull request !65 from hc/openEuler-20.03-LTS-SP3	2022-01-19 09:23:17 +00:00
hanchao	68522bdf25	fix CVE-2021-44716 Signed-off-by: hanchao <hanchao47@huawei.com>	2022-01-19 16:25:03 +08:00
openeuler-ci-bot	e8ea8c4ecd	!54 合入sp1的修改 From: @weidongkl Reviewed-by: @caihaomin Signed-off-by: @jing-rui	2021-12-06 13:46:53 +00:00
wei dong	e2514db08f	Merge branch 'openEuler-20.03-LTS-SP1' of https://gitee.com/weidongkl/golang into openEuler-20.03-LTS-SP3 Signed-off-by: wei dong <weidong@uniontech.com>	2021-11-16 13:44:21 +08:00
openeuler-ci-bot	094284d05e	!47 Fix multi CVEs From: @jackchan8 Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2021-10-27 03:56:06 +00:00
chenjiankun	986a9036f1	fix CVE-2021-33195,CVE-2021-33196,CVE-2021-33197,CVE-2021-33198,CVE-2021-34558,CVE-2021-29923,CVE-2021-38297,CVE-2021-36221	2021-10-27 11:18:41 +08:00
openeuler-ci-bot	889d7db656	!45 batch synchronization From: @jackchan8 Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2021-06-21 11:47:29 +00:00
chenjiankun	cef4d1953d	batch synchronization	2021-06-18 15:46:44 +08:00
openeuler-ci-bot	131f3f204c	!39 fix CVE-2021-27918 From: @jackchan8 Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2021-04-25 09:53:23 +08:00
chenjiankun	30db532fed	fix CVE-2021-27918	2021-04-25 09:23:19 +08:00
openeuler-ci-bot	5684cc52d7	!33 [sync] PR-32: golang: speed up build progress From: @openeuler-sync-bot Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2021-04-16 16:28:44 +08:00
openeuler-ci-bot	539e24a910	!34 [sync] PR-32: golang: speed up build progress From: @openeuler-sync-bot Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2021-04-16 16:28:32 +08:00
DCCooper	724c6a76ea	golang: speed up build progress Signed-off-by: DCCooper <1866858@gmail.com> (cherry picked from commit 0953db6ef4af5a7e8042faf6d99801bd08e10815)	2021-04-16 09:36:55 +08:00
DCCooper	e0760c442c	golang: speed up build progress Signed-off-by: DCCooper <1866858@gmail.com> (cherry picked from commit 0953db6ef4af5a7e8042faf6d99801bd08e10815)	2021-04-16 09:36:49 +08:00
openeuler-ci-bot	e8c374c961	!31 golang: upgrade to 1.15.7 From: @DCCooper Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2021-03-12 16:49:42 +08:00
DCCooper	76c5ebd313	golang: upgrade to 1.15.7 Fixes: #I3B1LK Signed-off-by: DCCooper <1866858@gmail.com>	2021-03-12 16:17:36 +08:00
openeuler-ci-bot	9ec5fee370	!30 [sync] PR-29: fix cve From: @openeuler-sync-bot Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2021-02-26 09:59:46 +08:00
jingrui	373c1dfbaf	golang: add fixes CVE-2021-3114 Signed-off-by: jingrui <jingrui@huawei.com> (cherry picked from commit 79deab4eacbf1e09f03415d6bcd1f1fc1d35b452)	2021-02-25 10:12:44 +08:00
openeuler-ci-bot	6a6cbf4d77	!27 [sync] PR-26: golang: fix CVE-2021-3114 From: @openeuler-sync-bot Reviewed-by: @jing-rui Signed-off-by: @jing-rui	2021-02-23 21:13:22 +08:00
jingrui	1982f512d0	golang: fix CVE-2021-3114 Signed-off-by: jingrui <jingrui@huawei.com> (cherry picked from commit 53d3de4bc619b8c4fdebfe896418684aa0c9b721)	2021-02-23 20:55:36 +08:00
openeuler-ci-bot	eebc14f31d	!24 Upgrade golang to 1.15.7 From: @meilier Reviewed-by: @jingxiaolu,@jing-rui Signed-off-by: @jing-rui	2021-01-29 09:00:10 +08:00
meilier	fee2c79e99	golang: upgrade to 1.15.7	2021-01-28 20:45:20 +08:00
openeuler-ci-bot	240cfd6196	!20 golang: sync cve fix From: @jing-rui Reviewed-by: @caihaomin Signed-off-by: @caihaomin	2021-01-18 19:13:06 +08:00
openeuler-ci-bot	8b174a38e5	!19 golang: sync cve fix From: @jing-rui Reviewed-by: @caihaomin Signed-off-by: @caihaomin	2021-01-18 19:12:53 +08:00
jingrui	d2049ce1ac	golang: sync cve fix Signed-off-by: jingrui <jingrui@huawei.com>	2021-01-18 17:40:01 +08:00
openeuler-ci-bot	e3a26a1d24	!13 golang: upgrade to 1.13.15 Merge pull request !13 from Vanient/openEuler-20.03-LTS	2020-08-19 09:09:42 +08:00
xiadanni	e6f40e27fa	golang: upgrade to 1.13.15 Signed-off-by: xiadanni <xiadanni1@huawei.com>	2020-08-18 20:36:44 +08:00
openeuler-ci-bot	aaf02659c7	!8 golang: sync code from master Merge pull request !8 from DCCooper/openEuler-20.03-LTS	2020-05-14 09:41:15 +08:00
DCCooper	deb13bfa9d	golang: sync code with CVE and cleancode reason: 1. drop hard code cert 2. rename tar name and make it same with upstream Signed-off-by: DCCooper <1866858@gmail.com>	2020-05-12 17:08:40 +08:00
openeuler-ci-bot	bec40e0404	!6 golang: fix cve CVE-2020-7919 Merge pull request !6 from jing-rui/dev	2020-04-16 15:19:29 +08:00
jingrui	d9ea2f312b	golang: fix cve CVE-2020-7919 Change-Id: I0c69fd3added6f82599c1cb9e4a1dbb02112de84 Signed-off-by: jingrui <jingrui@huawei.com>	2020-04-16 16:22:51 +08:00

1 2

63 Commits