Hello community, here is the log from the commit of package go1.15 for openSUSE:Factory checked in at 2020-11-15 15:21:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/go1.15 (Old) and /work/SRC/openSUSE:Factory/.go1.15.new.24930 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "go1.15" Sun Nov 15 15:21:38 2020 rev:6 rq:848227 version:1.15.5 Changes: -------- --- /work/SRC/openSUSE:Factory/go1.15/go1.15.changes 2020-11-09 13:58:50.419777122 +0100 +++ /work/SRC/openSUSE:Factory/.go1.15.new.24930/go1.15.changes 2020-11-15 15:22:18.991189759 +0100 @@ -1,0 +2,14 @@ +Thu Nov 12 21:10:05 UTC 2020 - Jeff Kowalczyk <[email protected]> + +- go1.15.5 (released 2020-11-12) includes security fixes to the + cmd/go and math/big packages. + CVE-2020-28362 CVE-2020-28367 CVE-2020-28366 + Refs boo#1175132 go1.15 release tracking + * boo#1178750 CVE-2020-28362 + * go#42554 math/big: panic during recursive division of very large numbers + * boo#1178752 CVE-2020-28367 + * go#42562 cmd/go: arbitrary code can be injected into cgo generated files + * boo#1178753 CVE-2020-28366 + * go#42558 cmd/go: improper validation of cgo flags can lead to remote code execution at build time + +------------------------------------------------------------------- Old: ---- go1.15.4.src.tar.gz New: ---- go1.15.5.src.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ go1.15.spec ++++++ --- /var/tmp/diff_new_pack.yBLPJV/_old 2020-11-15 15:22:21.199192122 +0100 +++ /var/tmp/diff_new_pack.yBLPJV/_new 2020-11-15 15:22:21.203192127 +0100 @@ -135,7 +135,7 @@ %endif Name: go1.15 -Version: 1.15.4 +Version: 1.15.5 Release: 0 Summary: A compiled, garbage-collected, concurrent programming language License: BSD-3-Clause ++++++ go1.15.4.src.tar.gz -> go1.15.5.src.tar.gz ++++++ /work/SRC/openSUSE:Factory/go1.15/go1.15.4.src.tar.gz /work/SRC/openSUSE:Factory/.go1.15.new.24930/go1.15.5.src.tar.gz differ: char 15, line 1 _______________________________________________ openSUSE Commits mailing list -- [email protected] To unsubscribe, email [email protected] List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/[email protected]
