* Thu Aug 14 2025 jkowalczyk@suse.com
- Packaging improvements:
* Remove conditional gccgo bootstrap sections and gcc-go.patch.
gccgo cannot be used in any version newer than go1.21. Removal
simplifies go1.x package code.
* go1.21 can optionally be bootstrapped with gccgo and serve as
the inital version of go1.x.
* go1.21 will be the initial version of Go in the bootstrap chain
until gcc gccgo is updated to support a language level newer
than go1.18.
* Drop gcc-go.patch
* Refs boo#1247816 bootstrap go1.21 with gccgo
* Refs boo#1248082 drop unused gccgo bootstrap code in go1.22+
* Fri Aug 08 2025 jkowalczyk@suse.com
- Packaging improvements:
* Update go_bootstrap_version to go1.21 from go1.20 to shorten
the bootstrap chain. go1.21 can optionally be bootstrapped with
gccgo and serve as the inital version of go1.x.
* Refs boo#1247816 bootstrap go1.21 with gccgo
* Mon Mar 31 2025 jkowalczyk@suse.com
- Update to version 1.22.12 cut from the go1.22-fips-release
branch at the revision tagged go1.22.12-2-openssl-fips.
Refs jsc#SLE-18320
* Backport fix to correct usleep asm implementation on s390x for
Go1.22 https://go-review.googlesource.com/c/go/+/648915
* Mon Feb 17 2025 jkowalczyk@suse.com
- Update to version 1.22.12 cut from the go1.22-fips-release
branch at the revision tagged go1.22.12-1-openssl-fips.
Refs jsc#SLE-18320
* Rebase to Go 1.22.12 (#266)
* Tue Feb 04 2025 jkowalczyk@suse.com
- go1.22.12 (released 2025-02-04) includes security fixes to the
crypto/elliptic package, as well as bug fixes to the compiler and
the go command.
Refs boo#1218424 go1.22 release tracking
CVE-2025-22866
* go#71422 go#71383 boo#1236801 security: fix CVE-2025-22866 crypto/internal/fips140/nistec: p256NegCond is variable time on ppc64le
* go#71262 cmd/go/internal/modfetch/codehost: test fails with git 2.47.1
* go#71229 cmd/compile: broken write barrier
* Tue Jan 21 2025 jkowalczyk@suse.com
- Update to version 1.22.11 cut from the go1.22-fips-release
branch at the revision tagged go1.22.11-1-openssl-fips.
Refs jsc#SLE-18320
* Rebase to Go1.22.11 to pick fixes for CVE-2024-45341 and
CVE-2024-45336 https://go.dev/cl/643103 and
https://go.dev/cl/643104
* Thu Jan 16 2025 jkowalczyk@suse.com
- go1.22.11 (released 2025-01-16) includes security fixes to the
crypto/x509 and net/http packages, as well as bug fixes to the
runtime.
Refs boo#1218424 go1.22 release tracking
CVE-2024-45341 CVE-2024-45336
* go#71207 go#71156 boo#1236045 security: fix CVE-2024-45341 crypto/x509: usage of IPv6 zone IDs can bypass URI name constraints
* go#71210 go#70530 boo#1236046 security: fix CVE-2024-45336 net/http: sensitive headers incorrectly sent after cross-domain redirect
* go#71103 crypto/tls: TestVerifyConnection/TLSv12 failures
* go#71146 internal/trace: TestTraceCPUProfile/Stress failures
* Thu Jan 09 2025 jkowalczyk@suse.com
- Update to version 1.22.10 cut from the go1.22-fips-release
branch at the revision tagged go1.22.10-1-openssl-fips.
Refs jsc#SLE-18320
* Rebase to 1.22.10 and backport openssl negative tests (#251)
* Tue Dec 10 2024 jkowalczyk@suse.com
- Write three digit version to file VERSION which sets go env
GOVERSION. Fixes bsc#1233306.
* Go toolchain file VERSION sets the immutable value for
go env GOVERSION
* go1.x-openssl toolchains have used a bespoke fourth digit to
represent the upstream patch set release number,
e.g. go1.22.9-1-openssl-fips. This digit has not been needed.
* Some Go applications including helm break when this fourth
digit is present in VERSION, with error:
go.mod requires go >= 1.22.0 (running go 1.22; GOTOOLCHAIN=local)
* Keep the fourth digit in the packaging for now, it will be
dropped in the next toolchain version update.
* Thu Dec 05 2024 adrian@suse.de
- Enable loongarch64 builds