Hello community, here is the log from the commit of package go for openSUSE:Factory checked in at 2018-12-27 00:24:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/go (Old) and /work/SRC/openSUSE:Factory/.go.new.28833 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "go" Thu Dec 27 00:24:56 2018 rev:94 rq:658809 version:1.11.4 Changes: -------- --- /work/SRC/openSUSE:Factory/go/go.changes 2018-11-18 23:21:00.606289012 +0100 +++ /work/SRC/openSUSE:Factory/.go.new.28833/go.changes 2018-12-27 00:24:57.739880332 +0100 @@ -1,0 +2,46 @@ +Sat Dec 15 17:58:49 UTC 2018 - Jeff Kowalczyk <[email protected]> + +- go1.11.4 (released 2018/12/14) includes fixes to cgo, the compiler, linker, + runtime, documentation, go command, and the net/http and go/types packages. + It includes a fix to a bug introduced in Go 1.11.3 that broke go get for + import path patterns containing "...". See the Go 1.11.4 milestone on our + issue tracker for details. + https://github.com/golang/go/issues?q=milestone%3AGo1.11.4+label%3ACherryPickApproved + * go#29272 misc/cgo/test: issue24161 tests broken on Darwin + * go#29248 cmd/go: "go get" fails on import path patterns with wildcards ("...") + * go#29191 cmd/go: symbolic links not dropped from repo + * go#29112 cmd/link: too many open files on high object-count dependencies + * go#28974 cmd/go: need to backport relaxing of go.mod go verb constraints to 1.11 series + * go#28972 go/types: problem with alias type + * go#28916 cmd/cgo: nested structure has too much alignment padding + * go#28799 runtime: fatal error: out of memory on reslice with negative index + * go#28752 reflect: scanning invalid return slots during a makeFunc call + * go#28725 cmd/go: panic when argument doesn't match any packages + * go#28694 cmd/compile: inline multiplication corrupts an argument on arm + * go#28690 runtime: ThreadSanitizer CHECK failed + * go#28673 x/net/http2: Transport is leaking streams on broken Body + * go#28617 cmd/compile: panic during fuse with if true block containing a goto and a return + * go#28586 cmd/compile: go binaries not working on exynos 64 bit CPUs + * go#27395 cmd/cgo: typedef pointer arguments regression + * go#27383 cmd/compile: failure on a function type alias + +------------------------------------------------------------------- +Thu Dec 13 23:57:46 UTC 2018 - Jeff Kowalczyk <[email protected]> + +- Update to Go 1.11.3 (released 2018/12/13). This includes fixes to + the crypto/x509 and cmd/go packages. See the Go 1.11.3 milestone + on upstream tracker for details: + https://github.com/golang/go/issues?q=milestone%3AGo1.11.3 + * bsc#1118897 CVE-2018-16873 + go#29230 cmd/go: remote command execution during "go get -u" + * bsc#1118898 CVE-2018-16874 + go#29231 cmd/go: directory traversal in "go get" via curly braces in import paths + * bsc#1118899 CVE-2018-16875 + go#29233 crypto/x509: CPU denial of service + * Upstream is aware of a functionality regression in "go get" when + executed in GOPATH mode on an import path pattern containing "..." + (e.g., "go get github.com/golang/pkg/..."), when downloading + packages not already present in the GOPATH workspace. This is go#29241 + and will be resolved in the next minor patch release go-1.11.4 + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ go.spec ++++++ --- /var/tmp/diff_new_pack.IwYZvT/_old 2018-12-27 00:24:58.395879797 +0100 +++ /var/tmp/diff_new_pack.IwYZvT/_new 2018-12-27 00:24:58.399879794 +0100 @@ -22,7 +22,7 @@ %define short_version 1.11 Name: go -Version: 1.11.1 +Version: 1.11.4 Release: 0 BuildRoot: %{_tmppath}/%{name}-%{version}-build Summary: A compiled, garbage-collected, concurrent programming language
