Package: golang-1.11 / 1.11.6-1+deb10u3

Metadata

Package Version Patches format
golang-1.11 1.11.6-1+deb10u3 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
0001 Reproducible BUILD_PATH_PREFIX_MAP.patch | (download)

src/cmd/go/internal/work/gc.go | 5 4 + 1 - 0 !
src/cmd/link/internal/ld/buildpathprefix.go | 56 56 + 0 - 0 !
src/cmd/link/internal/ld/dwarf.go | 4 2 + 2 - 0 !
src/cmd/link/internal/ld/pcln.go | 4 2 + 2 - 0 !
4 files changed, 64 insertions(+), 5 deletions(-)

 reproducible build_path_prefix_map

Make builds reproducible by honoring BUILD_PATH_PREFIX_MAP
Upstream has rejected the patch in this form and promised to implement an
alternative they are happy with instead. That hasn't happened yet though.

Bug: https://github.com/golang/go/issues/22491, https://github.com/golang/go/issues/16860
0002 Fix Lintian warnings about wrong interpreter path.patch | (download)

src/cmd/vendor/golang.org/x/sys/unix/mksyscall.pl | 2 1 + 1 - 0 !
src/cmd/vendor/golang.org/x/sys/unix/mksyscall_solaris.pl | 2 1 + 1 - 0 !
src/cmd/vendor/golang.org/x/sys/unix/mksysctl_openbsd.pl | 2 1 + 1 - 0 !
src/cmd/vendor/golang.org/x/sys/unix/mksysnum_darwin.pl | 2 1 + 1 - 0 !
src/cmd/vendor/golang.org/x/sys/unix/mksysnum_dragonfly.pl | 2 1 + 1 - 0 !
src/cmd/vendor/golang.org/x/sys/unix/mksysnum_freebsd.pl | 2 1 + 1 - 0 !
src/cmd/vendor/golang.org/x/sys/unix/mksysnum_netbsd.pl | 2 1 + 1 - 0 !
src/cmd/vendor/golang.org/x/sys/unix/mksysnum_openbsd.pl | 2 1 + 1 - 0 !
src/syscall/mksyscall.pl | 2 1 + 1 - 0 !
src/syscall/mksyscall_solaris.pl | 2 1 + 1 - 0 !
src/syscall/mksysctl_openbsd.pl | 2 1 + 1 - 0 !
src/syscall/mksysnum_darwin.pl | 2 1 + 1 - 0 !
src/syscall/mksysnum_dragonfly.pl | 2 1 + 1 - 0 !
src/syscall/mksysnum_freebsd.pl | 2 1 + 1 - 0 !
src/syscall/mksysnum_linux.pl | 2 1 + 1 - 0 !
src/syscall/mksysnum_netbsd.pl | 2 1 + 1 - 0 !
src/syscall/mksysnum_openbsd.pl | 2 1 + 1 - 0 !
test/errchk | 2 1 + 1 - 0 !
18 files changed, 18 insertions(+), 18 deletions(-)

 fix lintian warnings about wrong interpreter path

The command used for this change is as follows:

grep -rH "/usr/bin/env perl" * | cut -d: -f1 | xargs -n1 sed -i -e "s,/usr/bin/env perl,/usr/bin/perl,"

0003 arm64 arm64asm recognise new ssbb pssbb mnemonics fr.patch | (download)

src/cmd/vendor/golang.org/x/arch/arm64/arm64asm/objdump_test.go | 12 12 + 0 - 0 !
1 file changed, 12 insertions(+)

 arm64/arm64asm: recognise new ssbb/pssbb mnemonics from objdump

Fixes golang/go#27754

0004 fix Fstatat by using fillStat_t on linux mips64x.patch | (download)

src/cmd/vendor/golang.org/x/sys/unix/syscall_linux_mips64x.go | 9 8 + 1 - 0 !
src/cmd/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64.go | 30 15 + 15 - 0 !
src/cmd/vendor/golang.org/x/sys/unix/zsyscall_linux_mips64le.go | 30 15 + 15 - 0 !
3 files changed, 38 insertions(+), 31 deletions(-)

 [patch] unix: fix fstatat by using fillstat_t on linux/mips64x

0005 Fix CVE 2019 9512 and CVE 2019 9514.patch | (download)

src/net/http/h2_bundle.go | 54 45 + 9 - 0 !
1 file changed, 45 insertions(+), 9 deletions(-)

 fix cve-2019-9512 and cve-2019-9514

Cherry-picked from upstream:
https://github.com/golang/go/commit/e152b01a468a1c18a290bf9aec52ccea7693c7f2

0006 Fix CVE 2019 14809.patch | (download)

src/net/http/transport.go | 2 2 + 0 - 0 !
src/net/http/transport_test.go | 2 1 + 1 - 0 !
src/net/url/url.go | 54 27 + 27 - 0 !
src/net/url/url_test.go | 76 39 + 37 - 0 !
4 files changed, 69 insertions(+), 65 deletions(-)

 fix cve-2019-14809

Cherry-picked from upstream:
https://github.com/golang/go/commit/c1d9ca70995dc232a2145e3214f94e03409f6fcc

0007 Fix CVE 2019 16276.patch | (download)

src/net/http/serve_test.go | 4 4 + 0 - 0 !
src/net/http/transport_test.go | 27 27 + 0 - 0 !
src/net/textproto/reader.go | 10 2 + 8 - 0 !
src/net/textproto/reader_test.go | 13 6 + 7 - 0 !
4 files changed, 39 insertions(+), 15 deletions(-)

 fix cve-2019-16276

Cherry-picked from upstream:
https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8

0008 Fix CVE 2019 17596.patch | (download)

src/crypto/dsa/dsa.go | 3 3 + 0 - 0 !
1 file changed, 3 insertions(+)

 fix cve-2019-17596

Cherry-picked from upstream:
https://github.com/golang/go/commit/2017d88dbc096381d4f348d2fb08bfb3c2b7ed73