golang/golang.spec

%global debug_package %{nil}
%global _binaries_in_noarch_packages_terminate_build 0
%global golibdir %{_libdir}/golang
%global goroot /usr/lib/%{name}
%global go_api 1.17
%global go_version 1.17
%global __spec_install_post /usr/lib/rpm/check-rpaths /usr/lib/rpm/check-buildroot /usr/lib/rpm/brp-compress
%global __requires_exclude_from ^(%{_datadir}|/usr/lib)/%{name}/(doc|src)/.*$
%global __strip /bin/true
%global vendor %{?_vendor:%{_vendor}}%{!?_vendor:openEuler}
%define _use_internal_dependency_generator 0
%define __find_requires %{nil}

%bcond_with bootstrap
%ifarch x86_64 aarch64 riscv64
%bcond_without ignore_tests
%else
%bcond_with ignore_tests
%endif

%ifarch x86_64 aarch64 riscv64
%global external_linker 1
%else
%global external_linker 0
%endif

%ifarch x86_64 aarch64 riscv64
%global cgo_enabled 1
%else
%global cgo_enabled 0
%endif

%if %{with bootstrap}
%global golang_bootstrap 0
%else
%global golang_bootstrap 1
%endif

%if %{with ignore_tests}
%global fail_on_tests 0
%else
%global fail_on_tests 1
%endif

%global shared 0

%ifarch x86_64
%global race 1
%else
%global race 0
%endif

%ifarch x86_64
%global gohostarch amd64
%endif
%ifarch aarch64
%global gohostarch arm64
%endif
%ifarch riscv64
%global gohostarch riscv64
%endif


Name:           golang
Version:        1.17.3
Release:        37
Summary:        The Go Programming Language
License:        BSD and Public Domain
URL:            https://golang.org/
Source0:        https://dl.google.com/go/go1.17.3.src.tar.gz

%if !%{golang_bootstrap}
BuildRequires:  gcc-go >= 5
%else
BuildRequires:  golang > 1.4
%endif
BuildRequires:  hostname
# for tests
BuildRequires:  pcre-devel, glibc-static, perl-interpreter, procps-ng

Provides:       go = %{version}-%{release}
Requires:       %{name}-devel = %{version}-%{release}

Obsoletes:      %{name}-pkg-bin-linux-386 < 1.4.99
Obsoletes:      %{name}-pkg-bin-linux-amd64 < 1.4.99
Obsoletes:      %{name}-pkg-bin-linux-arm < 1.4.99
Obsoletes:      %{name}-pkg-linux-386 < 1.4.99
Obsoletes:      %{name}-pkg-linux-amd64 < 1.4.99
Obsoletes:      %{name}-pkg-linux-arm < 1.4.99
Obsoletes:      %{name}-vet < 0-12.1
Obsoletes:      %{name}-cover < 0-12.1

Requires(post): %{_sbindir}/update-alternatives
Requires(postun): %{_sbindir}/update-alternatives
Recommends: glibc gcc git subversion


# generated by:
# go list -f {{.ImportPath}} ./src/vendor/... | sed "s:_$PWD/src/vendor/::g;s:_:.:;s:.*:Provides\: bundled(golang(&)):" && go list -f {{.ImportPath}} ./src/cmd/vendor/... | sed "s:_$PWD/src/cmd/vendor/::g;s:_:.:;s:.*:Provides\: bundled(golang(&)):"
Provides: bundled(golang(golang.org/x/crypto/chacha20poly1305))
Provides: bundled(golang(golang.org/x/crypto/cryptobyte))
Provides: bundled(golang(golang.org/x/crypto/cryptobyte/asn1))
Provides: bundled(golang(golang.org/x/crypto/curve25519))
Provides: bundled(golang(golang.org/x/crypto/internal/chacha20))
Provides: bundled(golang(golang.org/x/crypto/poly1305))
Provides: bundled(golang(golang.org/x/net/dns/dnsmessage))
Provides: bundled(golang(golang.org/x/net/http/httpguts))
Provides: bundled(golang(golang.org/x/net/http/httpproxy))
Provides: bundled(golang(golang.org/x/net/http2/hpack))
Provides: bundled(golang(golang.org/x/net/idna))
Provides: bundled(golang(golang.org/x/net/internal/nettest))
Provides: bundled(golang(golang.org/x/net/nettest))
Provides: bundled(golang(golang.org/x/text/secure))
Provides: bundled(golang(golang.org/x/text/secure/bidirule))
Provides: bundled(golang(golang.org/x/text/transform))
Provides: bundled(golang(golang.org/x/text/unicode))
Provides: bundled(golang(golang.org/x/text/unicode/bidi))
Provides: bundled(golang(golang.org/x/text/unicode/norm))
Provides: bundled(golang(github.com/google/pprof/driver))
Provides: bundled(golang(github.com/google/pprof/internal/binutils))
Provides: bundled(golang(github.com/google/pprof/internal/driver))
Provides: bundled(golang(github.com/google/pprof/internal/elfexec))
Provides: bundled(golang(github.com/google/pprof/internal/graph))
Provides: bundled(golang(github.com/google/pprof/internal/measurement))
Provides: bundled(golang(github.com/google/pprof/internal/plugin))
Provides: bundled(golang(github.com/google/pprof/internal/proftest))
Provides: bundled(golang(github.com/google/pprof/internal/report))
Provides: bundled(golang(github.com/google/pprof/internal/symbolizer))
Provides: bundled(golang(github.com/google/pprof/internal/symbolz))
Provides: bundled(golang(github.com/google/pprof/profile))
Provides: bundled(golang(github.com/google/pprof/third.party/d3))
Provides: bundled(golang(github.com/google/pprof/third.party/d3flamegraph))
Provides: bundled(golang(github.com/google/pprof/third.party/svgpan))
Provides: bundled(golang(github.com/ianlancetaylor/demangle))
Provides: bundled(golang(golang.org/x/arch/arm/armasm))
Provides: bundled(golang(golang.org/x/arch/arm64/arm64asm))
Provides: bundled(golang(golang.org/x/arch/ppc64/ppc64asm))
Provides: bundled(golang(golang.org/x/arch/x86/x86asm))
Provides: bundled(golang(golang.org/x/crypto/ssh/terminal))
Provides: bundled(golang(golang.org/x/sys/unix))
Provides: bundled(golang(golang.org/x/sys/windows))
Provides: bundled(golang(golang.org/x/sys/windows/registry))

Provides:       %{name}-bin = %{version}-%{release}
Obsoletes:      %{name}-bin
Obsoletes:      %{name}-shared
Obsoletes:      %{name}-docs
Obsoletes:      %{name}-data < 1.1.1-4
Obsoletes:      %{name}-vim < 1.4
Obsoletes:      emacs-%{name} < 1.4
Requires:       %{vendor}-rpm-config

Patch6001:	0001-release-branch.go1.17-crypto-elliptic-tolerate-zero-.patch
Patch6002:	0002-release-branch.go1.17-encoding-pem-fix-stack-overflo.patch
Patch6003:	0003-release-branch.go1.17-syscall-fix-ForkLock-spurious-.patch
Patch6004:	0004-backport-cmd-link-mark-unexported-methods-for-plugins.patch
Patch6005:	0005-release-branch.go1.17-net-http-preserve-nil-values-i.patch
Patch6006:	0006-release-branch.go1.17-go-parser-limit-recursion-dept.patch
Patch6007:	0007-release-branch.go1.17-net-http-don-t-strip-whitespac.patch
Patch6008:	0008-release-branch.go1.17-encoding-xml-limit-depth-of-ne.patch
Patch6009:	0009-release-branch.go1.17-encoding-gob-add-a-depth-limit.patch
Patch6010:	0010-release-branch.go1.17-io-fs-fix-stack-exhaustion-in-.patch
Patch6011:	0011-release-branch.go1.17-path-filepath-fix-stack-exhaus.patch
Patch6012:	0012-release-branch.go1.17-encoding-xml-use-iterative-Ski.patch
Patch6013:	0013-release-branch.go1.17-compress-gzip-fix-stack-exhaus.patch
Patch6014:	0014-release-branch.go1.17-crypto-tls-randomly-generate-t.patch
Patch6015:	0015-release-branch.go1.17-crypto-rand-properly-handle-la.patch
Patch6016:	0016-release-branch.go1.17-math-big-check-buffer-lengths-.patch
Patch6017:	0017-path-filepath-do-not-remove-prefix-.-when-following-.patch
Patch6018:	0018-release-branch.go1.17-syscall-check-correct-group-in.patch
Patch6019:	0019-release-branch.go1.18-net-http-update-bundled-golang.patch
Patch6020:	0020-release-branch.go1.18-regexp-limit-size-of-parsed-re.patch
Patch6021:	0021-release-branch.go1.18-net-http-httputil-avoid-query-.patch
Patch6022:	0022-release-branch.go1.18-archive-tar-limit-size-of-head.patch
Patch6023:	0023-syscall-os-exec-reject-environment-variables-contain.patch
Patch6024:	0024-release-branch.go1.18-add-definition-byte-string-cut.patch
Patch6025:	0025-release-branch.go1.17-crypto-elliptic-make-IsOnCurve.patch
Patch6026:	0026-release-branch.go1.17-cmd-go-internal-modfetch-do-no.patch
Patch6027:	0027-release-branch.go1.17-regexp-syntax-reject-very-deep.patch
Patch6028:	0028-release-branch.go1.17-net-http-update-bundled-golang.patch
Patch6029:	0029-release-branch.go1.17-math-big-prevent-overflow-in-R.patch
Patch6030:	0030-release-branch.go1.18-net-http-update-bundled-golang.patch
Patch6031:	0031-all-update-vendored-golang.org-x-net.patch
Patch6032:	0032-crypto-tls-replace-all-usages-of-BytesOrPanic.patch
Patch6033:	0033-mime-multipart-limit-memory-inode-consumption-of-Rea.patch
Patch6034:	0034-release-branch.go1.19-net-textproto-avoid-overpredic.patch
Patch6035:	0035-release-branch.go1.19-go-scanner-reject-large-line-a.patch
Patch6036:	0036-release-branch.go1.19-html-template-disallow-actions.patch
Patch6037:	0037-release-branch.go1.19-mime-multipart-avoid-excessive.patch
Patch6038:	0038-release-branch.go1.19-net-textproto-mime-multipart-i.patch
Patch6039:	0039-release-branch.go1.19-mime-multipart-limit-parsed-mi.patch
Patch6040:  0040-Backport-html-template-emit-filterFailsafe-for-empty.patch
Patch6041:  0041-Backport-html-template-handle-all-JS-whitespace-char.patch
Patch6042:  0042-Backport-html-template-disallow-angle-brackets-in-CS.patch
Patch6043:	0043-Backport-runtime-implement-SUID-SGID-protections.patch
Patch6044:	0044-Backport-cmd-go-disallow-package-directories-contain.patch
Patch6045:	0045-Backport-cmd-go-enforce-flags-with-non-optional-argu.patch
Patch6046:	0046-Backport-cmd-go-cmd-cgo-in-_cgo_flags-use-one-line-p.patch
Patch6047:	0047-Backport-net-http-validate-Host-header-before-sendin.patch
Patch6048:	0048-Backport-net-http-permit-requests-with-invalid-Host-headers.patch
Patch6049:	0049-Backport-crypto-tls-restrict-RSA-keys-in-certificates-to-8192.patch
Patch6050:	0050-Backport-html-template-support-HTML-like-comments-in.patch
Patch6051:	0051-Backport-html-template-properly-handle-special-tags-.patch
Patch6052:	0052-Backport-cmd-compile-use-absolute-file-name-in-isCgo.patch
Patch6053:	0053-CVE-2023-39325-net-http-regenerate-h2_bundle.go.patch
Patch6054:	0054-CVE-2023-39326-net-http-limit-chunked-data-overhead.patch
Patch6055:	0055-CVE-2023-45285-cmd-go-internal-vcs-error-out-if-the-reques.patch
Patch6056:	0056-fix-test-error-about-mod_insecure_issue63845.patch
Patch6057:	0057-release-branch.go1.21-crypto-x509-make-sure-pub-key-.patch
Patch6058:	0058-release-branch.go1.21-html-template-escape-additiona.patch
Patch6059:	0059-release-branch.go1.21-net-textproto-mime-multipart-a.patch
Patch6060:	0060-release-branch.go1.21-net-http-net-http-cookiejar-av.patch
Patch6061:	0061-Backport-net-mail-properly-handle-special-characters.patch
Patch6062:	0062-1.17-backport-runtime-decrement-netpollWaiters-in-ne.patch
Patch6063:	0063-1.17-backport-runtime-adjust-netpollWaiters-after-go.patch
Patch6064:	0064-Backport-net-http-update-bundled-golang.org-x-net-ht.patch
Patch6065:	0065-Backport-cmd-go-disallow-lto_library-in-LDFLAGS.patch
Patch6066:	0066-Backport-archive-zip-treat-truncated-EOCDR-comment-a.patch
Patch6067:	0067-Backport-net-http-send-body-or-close-connection-on-e.patch
Patch6068:	0068-Backport-go-parser-track-depth-in-nested-element-lis.patch
Patch6069:	0069-Backport-encoding-gob-cover-missed-cases-when-checki.patch
Patch6070:	0070-Backport-go-build-constraint-add-parsing-limits.patch

ExclusiveArch:  %{golang_arches}

%description
%{summary}.

%package       help
Summary:       Golang compiler helps and manual docs
Requires:      %{name} = %{version}-%{release}
BuildArch:     noarch
Provides:      %{name}-docs = %{version}-%{release}
Obsoletes:     %{name}-docs
Provides:      %{name}-shared = %{version}-%{release}
Obsoletes:     %{name}-shared

%description   help
%{summary}.

%package       devel
Summary:       Golang compiler devel
BuildArch:     noarch
Requires:      %{name} = %{version}-%{release}
Provides:      %{name}-src  = %{version}-%{release}
Obsoletes:     %{name}-src
Provides:      %{name}-tests = %{version}-%{release}
Obsoletes:     %{name}-tests
Provides:      %{name}-misc = %{version}-%{release}
Obsoletes:     %{name}-misc
Obsoletes:     %{name}-race = %{version}-%{release}

%description   devel
%{summary}.

# Workaround old RPM bug of symlink-replaced-with-dir failure
%pretrans -p <lua>
for _,d in pairs({"api", "doc", "include", "lib", "src"}) do
  path = "%{goroot}/" .. d
  if posix.stat(path, "type") == "link" then
    os.remove(path)
    posix.mkdir(path)
  end
end

%prep
%autosetup -n go -p1

%build
uname -a
cat /proc/cpuinfo
cat /proc/meminfo

%if !%{golang_bootstrap}
export GOROOT_BOOTSTRAP=/
%else
export GOROOT_BOOTSTRAP=%{goroot}
%endif

export GOROOT_FINAL=%{goroot}
export GOHOSTOS=linux
export GOHOSTARCH=%{gohostarch}

pushd src
export CFLAGS="$RPM_OPT_FLAGS"
export LDFLAGS="$RPM_LD_FLAGS"
export CC="gcc"
export CC_FOR_TARGET="gcc"
export GOOS=linux
export GOARCH=%{gohostarch}
%if !%{external_linker}
export GO_LDFLAGS="-linkmode internal"
%endif
%if !%{cgo_enabled}
export CGO_ENABLED=0
%endif

%ifarch aarch64
export GO_LDFLAGS="-s -w"
%endif

./make.bash --no-clean -v
popd

%if %{shared}
GOROOT=$(pwd) PATH=$(pwd)/bin:$PATH go install -buildmode=shared -v -x std
%endif

%if %{race}
GOROOT=$(pwd) PATH=$(pwd)/bin:$PATH go install -race -v -x std
%endif

%install
rm -rf %{buildroot}
rm -rf pkg/obj/go-build/*

mkdir -p %{buildroot}%{_bindir}
mkdir -p %{buildroot}%{goroot}

cp -apv api bin doc lib pkg src misc test VERSION \
   %{buildroot}%{goroot}

# bz1099206
find %{buildroot}%{goroot}/src -exec touch -r %{buildroot}%{goroot}/VERSION "{}" \;
# and level out all the built archives
touch %{buildroot}%{goroot}/pkg
find %{buildroot}%{goroot}/pkg -exec touch -r %{buildroot}%{goroot}/pkg "{}" \;
# generate the spec file ownership of this source tree and packages
cwd=$(pwd)
src_list=$cwd/go-src.list
pkg_list=$cwd/go-pkg.list
shared_list=$cwd/go-shared.list
race_list=$cwd/go-race.list
misc_list=$cwd/go-misc.list
docs_list=$cwd/go-docs.list
tests_list=$cwd/go-tests.list
rm -f $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list $race_list
touch $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list $race_list
pushd %{buildroot}%{goroot}
    find src/ -type d -a \( ! -name testdata -a ! -ipath '*/testdata/*' \) -printf '%%%dir %{goroot}/%p\n' >> $src_list
    find src/ ! -type d -a \( ! -ipath '*/testdata/*' -a ! -name '*_test.go' \) -printf '%{goroot}/%p\n' >> $src_list

    find bin/ pkg/ -type d -a ! -path '*_dynlink/*' -a ! -path '*_race/*' -printf '%%%dir %{goroot}/%p\n' >> $pkg_list
    find bin/ pkg/ ! -type d -a ! -path '*_dynlink/*' -a ! -path '*_race/*' -printf '%{goroot}/%p\n' >> $pkg_list

    find doc/ -type d -printf '%%%dir %{goroot}/%p\n' >> $docs_list
    find doc/ ! -type d -printf '%{goroot}/%p\n' >> $docs_list

    find misc/ -type d -printf '%%%dir %{goroot}/%p\n' >> $misc_list
    find misc/ ! -type d -printf '%{goroot}/%p\n' >> $misc_list

%if %{shared}
    mkdir -p %{buildroot}/%{_libdir}/
    mkdir -p %{buildroot}/%{golibdir}/
    for file in $(find .  -iname "*.so" ); do
        chmod 755 $file
        mv  $file %{buildroot}/%{golibdir}
        pushd $(dirname $file)
        ln -fs %{golibdir}/$(basename $file) $(basename $file)
        popd
        echo "%%{goroot}/$file" >> $shared_list
        echo "%%{golibdir}/$(basename $file)" >> $shared_list
    done
    
	find pkg/*_dynlink/ -type d -printf '%%%dir %{goroot}/%p\n' >> $shared_list
	find pkg/*_dynlink/ ! -type d -printf '%{goroot}/%p\n' >> $shared_list
%endif

%if %{race}

    find pkg/*_race/ -type d -printf '%%%dir %{goroot}/%p\n' >> $race_list
    find pkg/*_race/ ! -type d -printf '%{goroot}/%p\n' >> $race_list

%endif

    find test/ -type d -printf '%%%dir %{goroot}/%p\n' >> $tests_list
    find test/ ! -type d -printf '%{goroot}/%p\n' >> $tests_list
    find src/ -type d -a \( -name testdata -o -ipath '*/testdata/*' \) -printf '%%%dir %{goroot}/%p\n' >> $tests_list
    find src/ ! -type d -a \( -ipath '*/testdata/*' -o -name '*_test.go' \) -printf '%{goroot}/%p\n' >> $tests_list
    # this is only the zoneinfo.zip
    find lib/ -type d -printf '%%%dir %{goroot}/%p\n' >> $tests_list
    find lib/ ! -type d -printf '%{goroot}/%p\n' >> $tests_list
popd

rm -rfv %{buildroot}%{goroot}/doc/Makefile

mkdir -p %{buildroot}%{goroot}/bin/linux_%{gohostarch}
ln -sf %{goroot}/bin/go %{buildroot}%{goroot}/bin/linux_%{gohostarch}/go
ln -sf %{goroot}/bin/gofmt %{buildroot}%{goroot}/bin/linux_%{gohostarch}/gofmt

mkdir -p %{buildroot}%{gopath}/src/github.com
mkdir -p %{buildroot}%{gopath}/src/bitbucket.org
mkdir -p %{buildroot}%{gopath}/src/code.google.com/p
mkdir -p %{buildroot}%{gopath}/src/golang.org/x

%check
export GOROOT=$(pwd -P)
export PATH="$GOROOT"/bin:"$PATH"
cd src

export CC="gcc"
export CFLAGS="$RPM_OPT_FLAGS"
export LDFLAGS="$RPM_LD_FLAGS"
%if !%{external_linker}
export GO_LDFLAGS="-linkmode internal"
%endif
%if !%{cgo_enabled} || !%{external_linker}
export CGO_ENABLED=0
%endif

export GO_TEST_TIMEOUT_SCALE=2

%if %{fail_on_tests}
echo tests ignored
%else
./run.bash --no-rebuild -v -k -run='!(archive/tar|go/build|cmd/link|cmd/nm|tyepparams|race|flag|cgo_stdio|cgo_life|cgo_errors|test:0_1|api)'
%endif
cd ..

%post
%{_sbindir}/update-alternatives --install %{_bindir}/go \
    go %{goroot}/bin/go 90 \
    --slave %{_bindir}/gofmt gofmt %{goroot}/bin/gofmt

%preun
if [ $1 = 0 ]; then
    %{_sbindir}/update-alternatives --remove go %{goroot}/bin/go
fi

%if %{shared}
%files -f go-pkg.list -f go-shared.list
%else
%files -f go-pkg.list
%endif

%doc AUTHORS CONTRIBUTORS LICENSE PATENTS
%doc %{goroot}/VERSION
%dir %{goroot}/doc
%doc %{goroot}/doc/*
%dir %{goroot}
%exclude %{goroot}/src/
%exclude %{goroot}/doc/
%exclude %{goroot}/misc/
%exclude %{goroot}/test/
%exclude %{goroot}/lib/
%{goroot}/*
%dir %{gopath}
%dir %{gopath}/src
%dir %{gopath}/src/github.com/
%dir %{gopath}/src/bitbucket.org/
%dir %{gopath}/src/code.google.com/
%dir %{gopath}/src/code.google.com/p/
%dir %{gopath}/src/golang.org
%dir %{gopath}/src/golang.org/x

%files help -f go-docs.list

%files devel -f go-tests.list -f go-misc.list -f go-src.list

%changelog
* Tue Oct 22 2024 hanchao <hanchao63@huawei.com> - 1.17.3-37
- Type:CVE
- CVE:CVE-2024-34156,CVE-2024-34158
- SUG:NA
- DESC:fix CVE-2024-34156,CVE-2024-34158

* Wed Oct 16 2024 hanchao <hanchao63@huawei.com> - 1.17.3-36
- Type:CVE
- CVE:CVE-2024-34155
- SUG:NA
- DESC:fix CVE-2024-34155

* Tue Aug 06 2024 hanchao <hanchao63@huawei.com> - 1.17.3-35
- Type:CVE
- CVE:CVE-2024-24791
- SUG:NA
- DESC:fix CVE-2024-24791

* Mon Jun 24 2024 yangjiaqi <yangjiaqi16@huawei.com> - 1.17.3-34
- Type:CVE
- CVE:CVE-2024-24789
- SUG:NA
- DESC:fix CVE-2024-24789

* Mon May 27 2024 lujingxiao <lujingxiao@huawei.com> - 1.17.3-33
- Type:CVE
- CVE:CVE-2024-24787
- SUG:NA
- DESC:fix CVE-2024-24787

* Tue Apr 16 2024 hanchao <hanchao63@huawei.com> - 1.17.3-32
- Type:CVE
- CVE:CVE-2023-45288
- SUG:NA
- DESC:fix CVE-2023-45288

* Fri Mar 29 2024 wangshuo <wangshuo@kylinos.cn> - 1.17.3-31
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:backport the upstream patch, fix the overflow issue in runtime.netpollWaiters

* Wed Mar 27 2024 hanchao <hanchao63@huawei.com> - 1.17.3-30
- Type:CVE
- CVE:CVE-2024-24784
- SUG:NA
- DESC:fix CVE-2024-24784

* Wed Mar 27 2024 hanchao <hanchao63@huawei.com> - 1.17.3-29
- Type:bugfix
- CVE:
- SUG:NA
- DESC:fix failure of `net/http` unit test and enable go unit test

* Fri Mar 15 2024 hanchao <hanchao63@huawei.com> - 1.17.3-28
- Type:CVE
- CVE:CVE-2024-24783,CVE-2024-24785,CVE-2023-45290,CVE-2023-45289
- SUG:NA
- DESC:fix CVE-2024-24783,CVE-2024-24785,CVE-2023-45290,CVE-2023-45289

* Tue Jan 16 2024 wangshuo <wangshuo@kylinos.cn> - 1.17.3-27
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix test error about mod_insecure_issue63845

* Fri Dec 15 2023 hanchao <hanchao63@huawei.com> - 1.17.3-26
- Type:CVE
- CVE:CVE-2023-39326,CVE-2023-45285
- SUG:NA
- DESC:fix CVE-2023-39326,CVE-2023-45285

* Mon Oct 23 2023 hanchao <hanchao63@huawei.com> - 1.17.3-25
- Type:CVE
- CVE:CVE-2023-39325
- SUG:NA
- DESC:fix CVE-2023-39325

* Fri Oct 13 2023 luoyujie <luoyujie5@huawei.com> - 1.17.3-24
- Type:CVE
- CVE:CVE-2023-39323
- SUG:NA
- DESC:fix CVE-2023-39323

* Mon Sep 25 2023 luoyujie <luoyujie5@huawei.com> - 1.17.3-23
- Type:CVE
- CVE:CVE-2023-39318,CVE-2023-39319
- SUG:NA
- DESC:fix CVE-2023-39318 and CVE-2023-39319

* Fri Aug 25 2023 luoyujie <luoyujie5@huawei.com> - 1.17.3-22
- Type:CVE
- CVE:CVE-2023-29409
- SUG:NA
- DESC:fix CVE-2023-29409

* Fri Aug 25 2023 sunchendong <sunchendong@xfusion.com> - 1.17.3-21
- permit invalid host header for docker

* Fri Jul 21 2023 hanchao <hanchao63@huawei.com> - 1.17.3-20
- Type:CVE
- CVE:CVE-2023-29406
- SUG:NA
- DESC:fix CVE-2023-29406

* Wed Jun 21 2023 hanchao <hanchao63@huawei.com> - 1.17.3-19
- Type:CVE
- CVE:CVE-2023-29402,CVE-2023-29403,CVE-2023-29404,CVE-2023-29405
- SUG:NA
- DESC:fix CVE-2023-29402,CVE-2023-29403,CVE-2023-29404,CVE-2023-29405

* Mon May 22 2023 hanchao <hanchao63@huawei.com> - 1.17.3-18
- Type:CVE
- CVE:CVE-2023-29400,CVE-2023-24539,CVE-2023-24540
- SUG:NA
- DESC: fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540

* Thu Apr 13 2023 hanchao <hanchao47@huawei.com> - 1.17.3-17
- Type:CVE
- CVE:CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
- SUG:NA
- DESC: fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538

* Thu Apr 13 2023 penghaitao <htpengc@isoftstone.com> - 1.17.3-16
- fix bogus date in %changelog

* Tue Mar 21 2023 hanchao <hanchao47@huawei.com> - 1.17.3-15
- Type:CVE
- CVE:CVE-2022-41723,CVE-2022-41724,CVE-2022-41725
- SUG:NA
- DESC: fix CVE-2022-41723,CVE-2022-41724,CVE-2022-41725

* Fri Jan 20 2023 hanchao <hanchao47@huawei.com> - 1.17.3-14
- Type:CVE
- CVE:CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717
- SUG:NA
- DESC: fix CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717

* Sat Dec 17 2022 wanglimin<wanglimin@xfusion.com> - 1.17.3-13
- Add string cut

* Tue Oct 11 2022 hanchao <hanchao47@huawei.com> - 1.17.3-12
- Type:CVE
- CVE:CVE-2022-41716
- SUG:NA
- DESC: remove hard code and strong dependency of git, subversion and mercurial

* Tue Oct 11 2022 hanchao <hanchao47@huawei.com> - 1.17.3-11
- Type:CVE
- CVE:CVE-2022-41716
- SUG:NA
- DESC: fix CVE-2022-41716

* Mon Oct 10 2022 hanchao <hanchao47@huawei.com> - 1.17.3-10
- Type:CVE
- CVE:CVE-2022-41715,CVE-2022-2880,CVE-2022-2879
- SUG:NA
- DESC: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879

* Thu Sep 15 2022 hanchao <hanchao47@huawei.com> - 1.17.3-9
- Type:CVE
- CVE:CVE-2022-27664
- SUG:NA
- DESC: fix CVE-2022-27664

* Thu Sep 8 2022 hanchao<hanchao47@huawei.com> - 1.17.3-8
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC: golang: modify the golang.spec to remove unnecessary files
	from golang-help package

* Thu Aug 18 2022 hanchao <hanchao47@huawei.com> - 1.17.3-7
- Type:CVE
- CVE:CVE-2022-29804,CVE-2022-29526
- SUG:NA
- DESC: fix CVE-2022-29804,CVE-2022-29526

* Mon Aug 8 2022 hanchao <hanchao47@huawei.com> - 1.17.3-6
- Type:CVE
- CVE:NA
- SUG:NA
- DESC: fix CVE-2022-32189

* Tue Jul 26 2022 hanchao <hanchao47@huawei.com> - 1.17.3-5
- Type:CVE
- CVE:NA
- SUG:NA
- DESC: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
	CVE-2022-30635,CVE-2022-30630,CVE-2022-30632,CVE-2022-28131,
	CVE-2022-30631,CVE-2022-30629,CVE-2022-30634

* Tue Jun 28 2022 Bin Hu <hubin73@huawei.com> - 1.17.3-4
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:backport patch to fix bug of golang plugin mode

* Fri May 6 2022 hanchao <hanchao47@huawei.com> - 1.17.3-3
- Type:CVE
- CVE:CVE-2021-44717
- SUG:NA
- DESC:fix CVE-2021-44717
- fix CVE-2021-44717

* Fri May 6 2022 hanchao <hanchao47@huawei.com> - 1.17.3-2
- Type:CVE
- CVE:CVE-2022-28327,CVE-2022-24675
- SUG:NA
- DESC:fix CVE-2022-28327,CVE-2022-24675
- fix CVE-2022-28327 CVE-2022-24675

* Mon Nov 29 2021 chenjiankun <chenjiankun1@huawei.com> - 1.17.3-1
- upgrade to 1.17.3