Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package go1.24 for openSUSE:Factory checked
in at 2025-04-03 18:43:15
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/go1.24 (Old)
and /work/SRC/openSUSE:Factory/.go1.24.new.1907 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "go1.24"
Thu Apr 3 18:43:15 2025 rev:6 rq:1266903 version:1.24.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/go1.24/go1.24.changes 2025-03-06
14:48:54.665898516 +0100
+++ /work/SRC/openSUSE:Factory/.go1.24.new.1907/go1.24.changes 2025-04-03
18:43:58.642216407 +0200
@@ -1,0 +2,43 @@
+Wed Apr 2 16:21:00 UTC 2025 - Jeff Kowalczyk <jkowalc...@suse.com>
+
+- Packaging improvements:
+ * SLE-12 only: Fix conditional for go-fixsecomp.patch to work
+ correctly when suse_version is undefined.
+ Refs boo#1239182
+ * Fix RPM warning by removing valid macro syntax in comment
+ describing naming format of llvm-tsan_commit.tar.xz
+
+-------------------------------------------------------------------
+Tue Apr 1 16:11:46 UTC 2025 - Jeff Kowalczyk <jkowalc...@suse.com>
+
+- go1.24.2 (released 2025-04-01) includes security fixes to the
+ net/http package, as well as bug fixes to the compiler, the
+ runtime, the go command, and the crypto/tls, go/types, net/http,
+ and testing packages.
+ Refs boo#1236217 go1.24 release tracking
+ CVE-2025-22871
+ * go#72011 go#71988 boo#1240550 security: fix CVE-2025-22871 net/http:
reject bare LF in chunked encoding
+ * go#72067 cmd/compile: out of memory
+ * go#72103 net/http: go1.24 breaks compatibility by modifying in-place the
tls.Config{NextProtos}
+ * go#72115 runtime: process hangs for mips hardware
+ * go#72796 runtime: add an example for AddCleanup
+ * go#72822 cmd/compile: OOM with mutually-recursive iter.Seq
+ * go#72823 crypto/tls: FIPS 140-3 modes reject ECDSA w/ curve P-521/SHA-512
in TLS
+ * go#72826 go/types, types2: CheckExpr / Eval may mutate type checked
objects (=> data race)
+ * go#72872 runtime: cgo callback on extra M treated as external code after
nested cgo callback returns
+ * go#72934 testing: b.StopTimer breaks b.Loop
+ * go#72938 internal/godebugs: winsymlink and winreadlinkvolume have
incorrect defaults for Go 1.22
+ * go#72974 testing: b.Loop gives bogus results in some situations
+
+-------------------------------------------------------------------
+Tue Mar 5 14:32:16 UTC 2025 - Jeff Kowalczyk <jkowalc...@suse.com>
+
+- Packaging improvements:
+ * SLE-12 only: Add declarations to Cgo seccomp_linux.go
+ for new syscalls seccomp and getrandom which are not present
+ in the kernel headers supplied by glibc version in SLE-12.
+ (Marcus Meissner)
+ Refs boo#1239182
+ * Add patch go-fixseccomp.patch
+
+-------------------------------------------------------------------
@@ -5,3 +48,2 @@
- net/http, x/net/proxy, and x/net/http/httpproxy packages, as well
- as bug fixes to the compiler, the runtime, the go command and the
- crypto, debug, os and reflect packages.
+ net/http package, as well as bug fixes to cgo, the compiler, the
+ go command, and the reflect, runtime, and syscall packages.
Old:
----
go1.24.1.src.tar.gz
New:
----
go-fixseccomp.patch
go1.24.2.src.tar.gz
BETA DEBUG BEGIN:
New: Refs boo#1239182
* Add patch go-fixseccomp.patch
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ go1.24.spec ++++++
--- /var/tmp/diff_new_pack.qCK8fT/_old 2025-04-03 18:43:59.422249131 +0200
+++ /var/tmp/diff_new_pack.qCK8fT/_new 2025-04-03 18:43:59.426249299 +0200
@@ -122,7 +122,7 @@
%endif
Name: go1.24
-Version: 1.24.1
+Version: 1.24.2
Release: 0
Summary: A compiled, garbage-collected, concurrent programming language
License: BSD-3-Clause
@@ -134,12 +134,13 @@
Source6: go.gdbinit
# We have to compile TSAN ourselves. boo#1052528
# Preferred form when all arches share llvm race version
-# Source100: llvm-%{tsan_commit}.tar.xz
+# Source100: llvm-tsan_commit.tar.xz
Source100: llvm-51bfeff0e4b0757ff773da6882f4d538996c9b04.tar.xz
# PATCH-FIX-OPENSUSE: https://go-review.googlesource.com/c/go/+/391115
Patch7: dont-force-gold-on-arm64.patch
# PATCH-FIX-UPSTREAM marguer...@opensuse.org - find /usr/bin/go-8 when
bootstrapping with gcc8-go
Patch8: gcc-go.patch
+Patch9: go-fixseccomp.patch
BuildRoot: %{_tmppath}/%{name}-%{version}-build
# boostrap
%if %{with gccgo}
@@ -225,6 +226,15 @@
# go
%setup -q -n go
%patch -P 7 -p1
+
+# SLE-12 only: Add declarations to Cgo seccomp_linux.go
+# for new syscalls seccomp and getrandom which are not present
+# in the kernel headers supplied by glibc version in SLE-12.
+# Refs boo#1239182
+%if 0%{?suse_version} && 0%{?suse_version} < 1500
+%patch -P 9 -p1
+%endif
+
%if %{with gccgo}
# Currently gcc-go does not manage an update-alternatives entry and will
# never be symlinked as "go", even if gcc-go is the only installed go
toolchain.
++++++ go-fixseccomp.patch ++++++
commit 29ebdb37c7095e258303f1c6a05e3af74c440b98
Author: Marcus Meissner <>
Date: Sat May 3 12:02:40 2025 -0700
Add defines for seccomp and getrandom missing in older kernel headers
go1.24 requires kernel headers supplied by glibc new enough to define
seccomp and getrandom
Building the go1.24 toolchain with older kernel headers fails during the
bootstrap phase with the nonspecific error:
go tool dist: FAILED: go/pkg/tool/linux_amd64/go_bootstrap install -v std:
exit status 1
diff --git a/src/crypto/internal/sysrand/internal/seccomp/seccomp_linux.go
b/src/crypto/internal/sysrand/internal/seccomp/seccomp_linux.go
index 32ef52a..0654fcb 100644
--- a/src/crypto/internal/sysrand/internal/seccomp/seccomp_linux.go
+++ b/src/crypto/internal/sysrand/internal/seccomp/seccomp_linux.go
@@ -49,6 +49,59 @@ struct seccomp_data {
#define SECCOMP_RET_ALLOW 0x7fff0000U
#define SECCOMP_SET_MODE_FILTER 1
+#ifndef SYS_seccomp
+# if defined(__i386__)
+# define SYS_seccomp 354
+# elif defined(__x86_64__)
+# define SYS_seccomp 317
+# elif defined(__arm__)
+# define SYS_seccomp 383
+# elif defined(__aarch64__)
+# define SYS_seccomp 277
+# elif defined(__riscv)
+# define SYS_seccomp 277
+# elif defined(__csky__)
+# define SYS_seccomp 277
+# elif defined(__loongarch__)
+# define SYS_seccomp 277
+# elif defined(__hppa__)
+# define SYS_seccomp 338
+# elif defined(__powerpc__)
+# define SYS_seccomp 358
+# elif defined(__s390__)
+# define SYS_seccomp 348
+# elif defined(__xtensa__)
+# define SYS_seccomp 337
+# elif defined(__sh__)
+# define SYS_seccomp 372
+# elif defined(__mc68000__)
+# define SYS_seccomp 380
+# else
+# warning "seccomp syscall number unknown for this architecture"
+# define SYS_seccomp 0xffff
+# endif
+#endif
+
+
+#ifndef SYS_getrandom
+# if defined(__i386__)
+# define SYS_getrandom 355
+# elif defined(__x86_64__)
+# define SYS_getrandom 318
+# elif defined(__arm__)
+# define SYS_getrandom 384
+# elif defined(__aarch64__)
+# define SYS_getrandom 278
+# elif defined(__powerpc__)
+# define SYS_getrandom 359
+# elif defined(__s390__)
+# define SYS_getrandom 349
+# else
+# warning "getrandom syscall number unknown for this architecture"
+# define SYS_getrandom 0xffff
+# endif
+#endif
+
int disable_getrandom() {
if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0)) {
return 1;
++++++ go1.24.1.src.tar.gz -> go1.24.2.src.tar.gz ++++++
/work/SRC/openSUSE:Factory/go1.24/go1.24.1.src.tar.gz
/work/SRC/openSUSE:Factory/.go1.24.new.1907/go1.24.2.src.tar.gz differ: char
110, line 1
