packages/golang
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
104 Commits 1 Branch 0 Tags
Commit Graph

104 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
wujichao
d387a24327 [backport]fix CVE-2025-22870 
Note:In the modification of the original CVE, the net/netip package was used. However, this package is not available in current version.Therefore, the parseIPZone function in the net package is used instead for the fix.
(cherry picked from commit bc6a64df2b449c94b4d88e4e09761f05fefc3e99)
 2025-04-10 20:49:12 +08:00
openeuler-ci-bot
e9e052024d
!477 [backport]fix CVE-2024-45341 CVE-2024-45336 
From: @wu-jichao123 
Reviewed-by: @hcnbxx 
Signed-off-by: @hcnbxx
 2025-02-25 03:18:12 +00:00
wujichao
d0130fc44f [backport]fix CVE-2024-45341 CVE-2024-45336 2025-02-24 16:44:11 +08:00
openeuler-ci-bot
0e85a0bca2
!435 fix CVE-2024-34155,CVE-2024-34156,CVE-2024-34158 
From: @hcnbxx 
Reviewed-by: @fuowang 
Signed-off-by: @fuowang
 2024-10-30 03:45:55 +00:00
hanchao
3421150f01 fix CVE-2024-34156,CVE-2024-34158 2024-10-22 20:18:06 +08:00
hanchao
d47ada7736 fix CVE-2024-34155 2024-10-22 16:26:57 +08:00
openeuler-ci-bot
5fac4acb73
!402 [Backport]fix CVE-2024-24791 
From: @hcnbxx 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2024-08-13 02:24:18 +00:00
hanchao
d9e6a10be4 [Backport]fix CVE-2024-24791 2024-08-06 16:47:08 +08:00
openeuler-ci-bot
12767759d4
!383 [sync] PR-381: golang: fix CVE-2024-24789 
From: @openeuler-sync-bot 
Reviewed-by: @hcnbxx 
Signed-off-by: @hcnbxx
 2024-06-25 07:22:07 +00:00
vegbir
a4d48d5f36 golang: fix CVE-2024-24789 
Signed-off-by: vegbir <yangjiaqi16@huawei.com>
(cherry picked from commit 05d8718c3a2decd5a343af98ac75a2f159463d84)
 2024-06-25 14:43:25 +08:00
openeuler-ci-bot
c67ef5d7f5
!359 [sync] PR-355: backport: fix CVE-2024-24787 
From: @openeuler-sync-bot 
Reviewed-by: @hcnbxx 
Signed-off-by: @hcnbxx
 2024-05-28 01:32:03 +00:00
Lu Jingxiao
45b9f8c917 backport: fix CVE-2024-24787 
Signed-off-by: Lu Jingxiao <lujingxiao@huawei.com>
(cherry picked from commit d39fee73beadf014ecb2ee2533a2c3f233212809)
 2024-05-27 21:21:31 +08:00
openeuler-ci-bot
b10ec483f0
!339 backport: fix CVE-2023-45288 
From: @hcnbxx 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2024-04-17 02:11:32 +00:00
hanchao
7804405571 backport: fix CVE-2023-45288 2024-04-16 19:16:54 +08:00
openeuler-ci-bot
8089ca2188
!326 backport the upstream patch, fix the overflow issue in runtime.netpollWaiters 
From: @fuowang 
Reviewed-by: @hcnbxx 
Signed-off-by: @hcnbxx
 2024-04-07 02:13:09 +00:00
wangshuo
7aa48df497 backport the upstream patch, fix the overflow issue in runtime.netpollWaiters 2024-03-29 16:32:59 +08:00
openeuler-ci-bot
1d8e621451
!316 fix CVE-2024-24784 and fix failure of net/http unit test 
From: @hcnbxx 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2024-03-28 01:18:44 +00:00
hanchao
c32dec084c backport: fix CVE-2024-24784 2024-03-28 01:01:06 +08:00
hanchao
d535265919 bugfix: fix failure of net/http unit test and enable go test 2024-03-28 01:00:58 +08:00
openeuler-ci-bot
8b694ca375
!303 backport: fix CVE-2024-24783,CVE-2024-24785,CVE-2023-45290,CVE-2023-45289 
From: @hcnbxx 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2024-03-15 08:36:02 +00:00
hanchao
3230d05b4e backport: fix CVE-2024-24783,CVE-2024-24785,CVE-2023-45290,CVE-2023-45289 2024-03-15 13:34:02 +08:00
openeuler-ci-bot
029477aae1
!298 fix test error about mod_insecure_issue63845 
From: @fuowang 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2024-01-22 06:34:23 +00:00
wangshuo
0dd51de738 fix test error about mod_insecure_issue63845 2024-01-16 14:34:20 +08:00
openeuler-ci-bot
ce09a004ef
!285 cvefix:fix CVE-2023-39326,CVE-2023-45285 
From: @hcnbxx 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2023-12-15 12:28:34 +00:00
hanchao
6e9c1b3214 cvefix:fix CVE-2023-39326,CVE-2023-45285 2023-12-15 20:22:12 +08:00
openeuler-ci-bot
0de88730b6
!282 sync: synchronize with the openEuler-22.03-LTS-SP2 
From: @hcnbxx 
Reviewed-by: @zhangsong234, @jing-rui 
Signed-off-by: @zhangsong234, @jing-rui
 2023-12-05 02:45:40 +00:00
hanchao
56ae71c2a1 cvefix: fix CVE-2023-39325 2023-12-05 11:44:29 +08:00
luoyujie
a55f2e83eb [Backport]fix CVE-2023-39323 2023-12-05 11:44:23 +08:00
luoyujie
2332a50120 fix CVE-2023-39318 and CVE-2023-39319 2023-12-05 11:44:14 +08:00
LuoYujie
6075b8d074 cvefix:fix CVE-2023-29409 2023-12-05 11:41:36 +08:00
openeuler-ci-bot
9faeb6202c
!252 permit requests with invalid Host headers 
From: @ChendongSun 
Reviewed-by: @jing-rui, @hcnbxx, @lleaf 
Signed-off-by: @lleaf, @jing-rui
 2023-08-25 08:49:22 +00:00
sunchendong
aac5d69daa permit requests with invalid Host headers 2023-08-25 15:08:46 +08:00
openeuler-ci-bot
fdca9901c9
!232 cvefix: fix CVE-2023-29406 
From: @hcnbxx 
Reviewed-by: @jing-rui, @zhangsong234 
Signed-off-by: @jing-rui
 2023-08-07 06:04:45 +00:00
hanchao
3bb0edf5eb cvefix: fix CVE-2023-29406 
reference:https://go-review.googlesource.com/c/go/+/507358
score:6.5
 2023-07-24 19:00:24 +08:00
openeuler-ci-bot
47445cc2b3
!210 cvefix: fix CVE-2023-29402,CVE-2023-29403,CVE-2023-29404,CVE-2023-29405 
From: @hcnbxx 
Reviewed-by: @zhangsong234, @jing-rui 
Signed-off-by: @jing-rui
 2023-06-26 07:02:41 +00:00
hanchao
fd63bbeeb8 cvefix: fix CVE-2023-29402,CVE-2023-29403,CVE-2023-29404,CVE-2023-29405 2023-06-26 00:52:31 +08:00
openeuler-ci-bot
28945ec2a4
!205 bugfix: fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540,CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538 
From: @hcnbxx 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2023-06-20 01:32:49 +00:00
hanchao
4ba5829313 bugfix: fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540 
CVE:CVE-2023-29400,CVE-2023-24539,CVE-2023-24540
Reference:https://go-review.googlesource.com/c/go/+/491615,https://go-review.googlesource.com/c/go/+/491616,https://go-review.googlesource.com/c/go/+/491617
Type:CVE
Reason:fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540
 2023-06-19 23:45:32 +08:00
hanchao
eeac9110d3 golang-1.17:fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538 
CVE:CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
Reference:https://go-review.googlesource.com/c/go/+/481982,
  https://go-review.googlesource.com/c/go/+/481986,
  https://go-review.googlesource.com/c/go/+/481987,
  https://go-review.googlesource.com/c/go/+/481983,
  https://go-review.googlesource.com/c/go/+/481984,
  https://go-review.googlesource.com/c/go/+/481985
Type:CVE
reason: fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
 2023-06-19 23:40:23 +08:00
openeuler-ci-bot
dc342486df
!184 fix bogus date in %changelog 
From: @htpeng 
Reviewed-by: @hcnbxx, @jing-rui 
Signed-off-by: @jing-rui
 2023-04-20 11:50:27 +00:00
htpeng
df0be10478 fix bogus date in %changelog 
Signed-off-by: htpeng <htpengc@isoftstone.com>
 2023-04-13 11:42:53 +08:00
openeuler-ci-bot
6d86478b7a
!178 golang: fix CVE-2022-41723,CVE-2022-41724,CVE-2022-41725 
From: @hcnbxx 
Reviewed-by: @duguhaotian, @jing-rui, @zhangsong234 
Signed-off-by: @duguhaotian, @jing-rui
 2023-03-27 08:59:36 +00:00
hanchao
89917347f5 golang: fix CVE-2022-41723,CVE-2022-41724,CVE-2022-41725 
CVE:CVE-2022-41723,CVE-2022-41724,CVE-2022-41725
Reference:https://go-review.googlesource.com/c/net/+/468135
          https://go-review.googlesource.com/c/go/+/468117
          https://go-review.googlesource.com/c/go/+/468116
Type:CVE
Score:7.5
Reason:fix CVE-2022-41723,CVE-2022-41724,CVE-2022-41725
 2023-03-23 11:45:48 +08:00
openeuler-ci-bot
87c488bd2f
!170 golang: fix CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717 
From: @hcnbxx 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2023-02-06 06:21:10 +00:00
hanchao
c8ce26fac8 golang: fix CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717 
reference:https://go-review.googlesource.com/q/status:open+-is:wip
 2023-01-28 17:39:56 +08:00
openeuler-ci-bot
4969bd5aa5
!162 add type definition of String Cut 
From: @wanglmb 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2022-12-28 01:53:01 +00:00
wanglimin
e5fb6b40ce support Cut in bytes,strings 2022-12-21 14:35:21 +08:00
openeuler-ci-bot
f559f45360
!152 [sync] PR-151: golang: remove hard code and strong dependency of git, subversion and mercurial 
From: @openeuler-sync-bot 
Reviewed-by: @jing-rui 
Signed-off-by: @jing-rui
 2022-11-22 01:45:58 +00:00
hanchao
d5248856c7 golang: remove hard code and strong dependency of git, subversion and mercurial 
(cherry picked from commit 9bab37fbc72e58672fa20c6ec97f1ab04da4ab14)
 2022-11-21 19:16:21 +08:00
openeuler-ci-bot
04b7b81184
!150 [sync] PR-146: golang: fix CVE-2022-41716 
From: @openeuler-sync-bot 
Reviewed-by: @zhangsong234, @jing-rui 
Signed-off-by: @jing-rui
 2022-11-21 06:59:21 +00:00