packages/golang
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
104 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
wujichao d387a24327 [backport]fix CVE-2025-22870 
Note:In the modification of the original CVE, the net/netip package was used. However, this package is not available in current version.Therefore, the parseIPZone function in the net package is used instead for the fix.
(cherry picked from commit bc6a64df2b449c94b4d88e4e09761f05fefc3e99)
2025-04-10 20:49:12 +08:00
0001-release-branch.go1.17-crypto-elliptic-tolerate-zero-.patch
fix CVE-2022-28327,CVE-2022-24675
2022-09-13 15:04:07 +08:00
0002-release-branch.go1.17-encoding-pem-fix-stack-overflo.patch
fix CVE-2022-28327,CVE-2022-24675
2022-09-13 15:04:07 +08:00
0003-release-branch.go1.17-syscall-fix-ForkLock-spurious-.patch
fix CVE-2021-44717
2022-09-13 15:04:07 +08:00
0004-backport-cmd-link-mark-unexported-methods-for-plugins.patch
backport patch to fix bug of golang plugin mode
2022-09-13 15:04:07 +08:00
0005-release-branch.go1.17-net-http-preserve-nil-values-i.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0006-release-branch.go1.17-go-parser-limit-recursion-dept.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0007-release-branch.go1.17-net-http-don-t-strip-whitespac.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0008-release-branch.go1.17-encoding-xml-limit-depth-of-ne.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0009-release-branch.go1.17-encoding-gob-add-a-depth-limit.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0010-release-branch.go1.17-io-fs-fix-stack-exhaustion-in-.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0011-release-branch.go1.17-path-filepath-fix-stack-exhaus.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0012-release-branch.go1.17-encoding-xml-use-iterative-Ski.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0013-release-branch.go1.17-compress-gzip-fix-stack-exhaus.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0014-release-branch.go1.17-crypto-tls-randomly-generate-t.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0015-release-branch.go1.17-crypto-rand-properly-handle-la.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-09-13 15:04:07 +08:00
0016-release-branch.go1.17-math-big-check-buffer-lengths-.patch
golang: fix CVE-2022-32189
2022-09-13 15:04:07 +08:00
0017-path-filepath-do-not-remove-prefix-.-when-following-.patch
golang: fix CVE-2022-29804,CVE-2022-29526
2022-09-13 15:04:07 +08:00
0018-release-branch.go1.17-syscall-check-correct-group-in.patch
golang: fix CVE-2022-29804,CVE-2022-29526
2022-09-13 15:04:07 +08:00
0019-release-branch.go1.18-net-http-update-bundled-golang.patch
golang: fix CVE-2022-27664
2022-09-15 14:53:12 +08:00
0020-release-branch.go1.18-regexp-limit-size-of-parsed-re.patch
golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879
2022-10-12 17:40:44 +08:00
0021-release-branch.go1.18-net-http-httputil-avoid-query-.patch
golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879
2022-10-12 17:40:44 +08:00
0022-release-branch.go1.18-archive-tar-limit-size-of-head.patch
golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879
2022-10-12 17:40:44 +08:00
0023-syscall-os-exec-reject-environment-variables-contain.patch
golang: fix CVE-2022-41716
2022-11-21 11:41:35 +08:00
0024-release-branch.go1.18-add-definition-byte-string-cut.patch
support Cut in bytes,strings
2022-12-21 14:35:21 +08:00
0025-release-branch.go1.17-crypto-elliptic-make-IsOnCurve.patch
golang: fix CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717
2023-01-28 17:39:56 +08:00
0026-release-branch.go1.17-cmd-go-internal-modfetch-do-no.patch
golang: fix CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717
2023-01-28 17:39:56 +08:00
0027-release-branch.go1.17-regexp-syntax-reject-very-deep.patch
golang: fix CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717
2023-01-28 17:39:56 +08:00
0028-release-branch.go1.17-net-http-update-bundled-golang.patch
golang: fix CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717
2023-01-28 17:39:56 +08:00
0029-release-branch.go1.17-math-big-prevent-overflow-in-R.patch
golang: fix CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717
2023-01-28 17:39:56 +08:00
0030-release-branch.go1.18-net-http-update-bundled-golang.patch
golang: fix CVE-2022-23806,CVE-2022-23773,CVE-2022-24921,CVE-2021-44716,CVE-2022-23772,CVE-2022-41717
2023-01-28 17:39:56 +08:00
0031-all-update-vendored-golang.org-x-net.patch
golang: fix CVE-2022-41723,CVE-2022-41724,CVE-2022-41725
2023-03-23 11:45:48 +08:00
0032-crypto-tls-replace-all-usages-of-BytesOrPanic.patch
golang: fix CVE-2022-41723,CVE-2022-41724,CVE-2022-41725
2023-03-23 11:45:48 +08:00
0033-mime-multipart-limit-memory-inode-consumption-of-Rea.patch
golang-1.17:fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
2023-06-19 23:40:23 +08:00
0034-release-branch.go1.19-net-textproto-avoid-overpredic.patch
golang-1.17:fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
2023-06-19 23:40:23 +08:00
0035-release-branch.go1.19-go-scanner-reject-large-line-a.patch
golang-1.17:fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
2023-06-19 23:40:23 +08:00
0036-release-branch.go1.19-html-template-disallow-actions.patch
golang-1.17:fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
2023-06-19 23:40:23 +08:00
0037-release-branch.go1.19-mime-multipart-avoid-excessive.patch
golang-1.17:fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
2023-06-19 23:40:23 +08:00
0038-release-branch.go1.19-net-textproto-mime-multipart-i.patch
golang-1.17:fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
2023-06-19 23:40:23 +08:00
0039-release-branch.go1.19-mime-multipart-limit-parsed-mi.patch
golang-1.17:fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,CVE-2023-24538
2023-06-19 23:40:23 +08:00
0040-Backport-html-template-emit-filterFailsafe-for-empty.patch
bugfix: fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540
2023-06-19 23:45:32 +08:00
0041-Backport-html-template-handle-all-JS-whitespace-char.patch
bugfix: fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540
2023-06-19 23:45:32 +08:00
0042-Backport-html-template-disallow-angle-brackets-in-CS.patch
bugfix: fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540
2023-06-19 23:45:32 +08:00
0043-Backport-runtime-implement-SUID-SGID-protections.patch
cvefix: fix CVE-2023-29402,CVE-2023-29403,CVE-2023-29404,CVE-2023-29405
2023-06-26 00:52:31 +08:00
0044-Backport-cmd-go-disallow-package-directories-contain.patch
cvefix: fix CVE-2023-29402,CVE-2023-29403,CVE-2023-29404,CVE-2023-29405
2023-06-26 00:52:31 +08:00
0045-Backport-cmd-go-enforce-flags-with-non-optional-argu.patch
cvefix: fix CVE-2023-29402,CVE-2023-29403,CVE-2023-29404,CVE-2023-29405
2023-06-26 00:52:31 +08:00
0046-Backport-cmd-go-cmd-cgo-in-_cgo_flags-use-one-line-p.patch
cvefix: fix CVE-2023-29402,CVE-2023-29403,CVE-2023-29404,CVE-2023-29405
2023-06-26 00:52:31 +08:00
0047-Backport-net-http-validate-Host-header-before-sendin.patch
cvefix: fix CVE-2023-29406
2023-07-24 19:00:24 +08:00
0048-Backport-net-http-permit-requests-with-invalid-Host-headers.patch
permit requests with invalid Host headers
2023-08-25 15:08:46 +08:00
0049-Backport-crypto-tls-restrict-RSA-keys-in-certificates-to-8192.patch
cvefix:fix CVE-2023-29409
2023-12-05 11:41:36 +08:00
0050-Backport-html-template-support-HTML-like-comments-in.patch
fix CVE-2023-39318 and CVE-2023-39319
2023-12-05 11:44:14 +08:00
0051-Backport-html-template-properly-handle-special-tags-.patch
fix CVE-2023-39318 and CVE-2023-39319
2023-12-05 11:44:14 +08:00
0052-Backport-cmd-compile-use-absolute-file-name-in-isCgo.patch
[Backport]fix CVE-2023-39323
2023-12-05 11:44:23 +08:00
0053-CVE-2023-39325-net-http-regenerate-h2_bundle.go.patch
cvefix: fix CVE-2023-39325
2023-12-05 11:44:29 +08:00
0054-CVE-2023-39326-net-http-limit-chunked-data-overhead.patch
cvefix:fix CVE-2023-39326,CVE-2023-45285
2023-12-15 20:22:12 +08:00
0055-CVE-2023-45285-cmd-go-internal-vcs-error-out-if-the-reques.patch
cvefix:fix CVE-2023-39326,CVE-2023-45285
2023-12-15 20:22:12 +08:00
0056-fix-test-error-about-mod_insecure_issue63845.patch
fix test error about mod_insecure_issue63845
2024-01-16 14:34:20 +08:00
0057-release-branch.go1.21-crypto-x509-make-sure-pub-key-.patch
backport: fix CVE-2024-24783,CVE-2024-24785,CVE-2023-45290,CVE-2023-45289
2024-03-15 13:34:02 +08:00
0058-release-branch.go1.21-html-template-escape-additiona.patch
bugfix: fix failure of net/http unit test and enable go test
2024-03-28 01:00:58 +08:00
0059-release-branch.go1.21-net-textproto-mime-multipart-a.patch
backport: fix CVE-2024-24783,CVE-2024-24785,CVE-2023-45290,CVE-2023-45289
2024-03-15 13:34:02 +08:00
0060-release-branch.go1.21-net-http-net-http-cookiejar-av.patch
bugfix: fix failure of net/http unit test and enable go test
2024-03-28 01:00:58 +08:00
0061-Backport-net-mail-properly-handle-special-characters.patch
backport: fix CVE-2024-24784
2024-03-28 01:01:06 +08:00
0062-1.17-backport-runtime-decrement-netpollWaiters-in-ne.patch
backport the upstream patch, fix the overflow issue in runtime.netpollWaiters
2024-03-29 16:32:59 +08:00
0063-1.17-backport-runtime-adjust-netpollWaiters-after-go.patch
backport the upstream patch, fix the overflow issue in runtime.netpollWaiters
2024-03-29 16:32:59 +08:00
0064-Backport-net-http-update-bundled-golang.org-x-net-ht.patch
backport: fix CVE-2023-45288
2024-04-16 19:16:54 +08:00
0065-Backport-cmd-go-disallow-lto_library-in-LDFLAGS.patch
backport: fix CVE-2024-24787
2024-05-27 21:21:31 +08:00
0066-Backport-archive-zip-treat-truncated-EOCDR-comment-a.patch
golang: fix CVE-2024-24789
2024-06-25 14:43:25 +08:00
0067-Backport-net-http-send-body-or-close-connection-on-e.patch
[Backport]fix CVE-2024-24791
2024-08-06 16:47:08 +08:00
0068-Backport-go-parser-track-depth-in-nested-element-lis.patch
fix CVE-2024-34155
2024-10-22 16:26:57 +08:00
0069-Backport-encoding-gob-cover-missed-cases-when-checki.patch
fix CVE-2024-34156,CVE-2024-34158
2024-10-22 20:18:06 +08:00
0070-Backport-go-build-constraint-add-parsing-limits.patch
fix CVE-2024-34156,CVE-2024-34158
2024-10-22 20:18:06 +08:00
0071-CVE-2024-45341-crypto-x509-properly-check-for-IPv6-h.patch
[backport]fix CVE-2024-45341 CVE-2024-45336
2025-02-24 16:44:11 +08:00
0072-CVE-2024-45336-net-http-persist-header-stripping-acr.patch
[backport]fix CVE-2024-45341 CVE-2024-45336
2025-02-24 16:44:11 +08:00
0073-crypto-tls-fix-Config.Time-in-tests-using-expir.patch
[backport]fix CVE-2024-45341 CVE-2024-45336
2025-02-24 16:44:11 +08:00
0074-CVE-2025-22870-do-not-mismatch-IPv6-zone-ids-ag.patch
[backport]fix CVE-2025-22870
2025-04-10 20:49:12 +08:00
go1.17.3.src.tar.gz
upgrade to 1.17.3
2021-11-21 03:33:14 +08:00
golang.spec
[backport]fix CVE-2025-22870
2025-04-10 20:49:12 +08:00
golang.yaml
golang: add yaml
2020-07-31 11:24:52 +08:00
Description
No description provided
146 MiB
Languages
Diff 100%