packages/golang
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
132 Commits 1 Branch 0 Tags
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
wujichao 3f82883ffe [backport]fix CVE-2025-22870 
Note:In the modification of the original CVE, the net/netip package was used. However, this package is not available in current version.Therefore, the parseIPZone function in the net package is used instead for the fix.
2025-04-09 16:01:32 +08:00
0001-release-branch.go1.15-doc-go1.15-mention-1.15.3-cgo-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0002-fix-patch-cmd-go-internal-modfetch-do-not-sho.patch
fix CVE-2022-23773
2022-03-24 11:35:33 +08:00
0002-release-branch.go1.15-cmd-go-fix-mod_get_fallback-te.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0003-release-branch.go1.15-internal-execabs-only-run-test.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0004-release-branch.go1.15-cmd-compile-don-t-short-circui.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0005-release-branch.go1.15-cmd-go-fix-get_update_unknown_.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0006-release-branch.go1.15-net-http-update-bundled-x-net-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0007-release-branch.go1.15-cmd-go-don-t-lookup-the-path-f.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0008-release-branch.go1.15-cmd-link-internal-ld-pe-fix-se.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0009-release-branch.go1.15-cmd-internal-goobj2-fix-buglet.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0010-release-branch.go1.15-runtime-don-t-adjust-timer-pp-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0011-release-branch.go1.15-runtime-cgo-fix-Android-build-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0013-release-branch.go1.15-internal-poll-if-copy_file_ran.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0014-release-branch.go1.15-internal-poll-netpollcheckerr-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0015-release-branch.go1.15-cmd-compile-do-not-assume-TST-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0016-release-branch.go1.15-syscall-do-not-overflow-key-me.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0017-release-branch.go1.15-time-correct-unusual-extension.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0018-release-branch.go1.15-cmd-compile-fix-escape-analysi.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0019-release-branch.go1.15-net-http-ignore-connection-clo.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0020-release-branch.go1.15-net-http-add-connections-back-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0021-release-branch.go1.15-security-encoding-xml-prevent-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0023-release-branch.go1.15-cmd-go-don-t-report-missing-st.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0025-release-branch.go1.15-cmd-go-internal-modfetch-detec.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0026-release-branch.go1.15-cmd-link-generate-trampoline-f.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0027-release-branch.go1.15-net-http-update-bundled-x-net-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0028-release-branch.go1.15-net-http-fix-detection-of-Roun.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0029-release-branch.go1.15-build-set-GOPATH-consistently-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0030-release-branch.go1.15-database-sql-fix-tx-stmt-deadl.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0031-release-branch.go1.15-cmd-compile-disable-shortcircu.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0032-release-branch.go1.15-runtime-non-strict-InlTreeInde.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0033-release-branch.go1.15-cmd-cgo-avoid-exporting-all-sy.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0034-release-branch.go1.15-cmd-link-avoid-exporting-all-s.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0035-release-branch.go1.15-cmd-cgo-remove-unnecessary-spa.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0037-release-branch.go1.15-time-use-offset-and-isDST-when.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0038-release-branch.go1.15-std-update-golang.org-x-net-to.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0039-release-branch.go1.15-runtime-time-disable-preemptio.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0040-release-branch.go1.15-runtime-non-strict-InlTreeInde.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0041-release-branch.go1.15-runtime-pprof-skip-tests-for-A.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0043-release-branch.go1.15-math-big-fix-TestShiftOverlap-.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0044-release-branch.go1.15-math-big-remove-the-s390x-asse.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0045-net-http-fix-hijack-hang-at-abortPendingRead.patch
batch synchronization
2021-06-18 15:46:44 +08:00
0046-release-branch.go1.15-net-verify-results-from-Lookup.patch
fix CVE-2021-33195,CVE-2021-33196,CVE-2021-33197,CVE-2021-33198,CVE-2021-34558,CVE-2021-29923,CVE-2021-38297,CVE-2021-36221
2021-10-27 11:18:41 +08:00
0047-release-branch.go1.15-archive-zip-only-preallocate-F.patch
fix CVE-2021-33195,CVE-2021-33196,CVE-2021-33197,CVE-2021-33198,CVE-2021-34558,CVE-2021-29923,CVE-2021-38297,CVE-2021-36221
2021-10-27 11:18:41 +08:00
0048-release-branch.go1.15-net-http-httputil-always-remov.patch
fix CVE-2021-33195,CVE-2021-33196,CVE-2021-33197,CVE-2021-33198,CVE-2021-34558,CVE-2021-29923,CVE-2021-38297,CVE-2021-36221
2021-10-27 11:18:41 +08:00
0049-release-branch.go1.15-math-big-check-for-excessive-e.patch
fix CVE-2021-33195,CVE-2021-33196,CVE-2021-33197,CVE-2021-33198,CVE-2021-34558,CVE-2021-29923,CVE-2021-38297,CVE-2021-36221
2021-10-27 11:18:41 +08:00
0050-release-branch.go1.15-crypto-tls-test-key-type-when-.patch
fix CVE-2021-33195,CVE-2021-33196,CVE-2021-33197,CVE-2021-33198,CVE-2021-34558,CVE-2021-29923,CVE-2021-38297,CVE-2021-36221
2021-10-27 11:18:41 +08:00
0051-net-reject-leading-zeros-in-IP-address-parsers.patch
fix CVE-2021-33195,CVE-2021-33196,CVE-2021-33197,CVE-2021-33198,CVE-2021-34558,CVE-2021-29923,CVE-2021-38297,CVE-2021-36221
2021-10-27 11:18:41 +08:00
0052-release-branch.go1.16-misc-wasm-cmd-link-do-not-let-.patch
fix CVE-2021-33195,CVE-2021-33196,CVE-2021-33197,CVE-2021-33198,CVE-2021-34558,CVE-2021-29923,CVE-2021-38297,CVE-2021-36221
2021-10-27 11:18:41 +08:00
0053-net-http-httputil-close-incoming-ReverseProxy-reques.patch
fix CVE-2021-33195,CVE-2021-33196,CVE-2021-33197,CVE-2021-33198,CVE-2021-34558,CVE-2021-29923,CVE-2021-38297,CVE-2021-36221
2021-10-27 11:18:41 +08:00
0054-release-branch.go1.16-net-http-update-bundled-golang.patch
fix CVE-2021-44716
2022-01-19 16:25:03 +08:00
0055-release-branch.go1.16-archive-zip-prevent-preallocat.patch
fix CVE-2021-39293
2022-02-08 11:07:36 +08:00
0056-release-branch.go1.16-debug-macho-fail-on-invalid-dy.patch
fix CVE-2021-41771
2022-03-02 11:38:36 +08:00
0057-release-branch.go1.16-math-big-prevent-overflow-in-R.patch
fix CVE-2022-23772 CVE-2022-23806
2022-03-05 16:42:40 +08:00
0058-release-branch.go1.16-crypto-elliptic-make-IsOnCurve.patch
fix CVE-2022-23772 CVE-2022-23806
2022-03-05 16:42:40 +08:00
0059-release-branch.go1.16-regexp-syntax-reject-very-deep.patch
fix CVE-2022-24921
2022-03-14 15:59:38 +08:00
0060-cmd-go-internal-modfetch-do-not-short-circuit-canoni.patch
fix CVE-2022-23773
2022-03-24 11:35:33 +08:00
0061-release-branch.go1.17-crypto-elliptic-tolerate-zero-.patch
fix CVE-2022-28327,CVE-2022-24675
2022-05-12 10:59:10 +08:00
0062-release-branch.go1.17-encoding-pem-fix-stack-overflo.patch
fix CVE-2022-28327,CVE-2022-24675
2022-05-12 10:59:10 +08:00
0063-release-branch.go1.16-syscall-fix-ForkLock-spurious-.patch
fix CVE-2021-44717
2022-05-16 15:03:09 +08:00
0064-release-branch.go1.17-net-http-preserve-nil-values-i.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0065-release-branch.go1.17-go-parser-limit-recursion-dept.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0066-release-branch.go1.17-net-http-don-t-strip-whitespac.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0067-release-branch.go1.17-encoding-xml-limit-depth-of-ne.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0068-release-branch.go1.17-encoding-gob-add-a-depth-limit.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0069-release-branch.go1.17-path-filepath-fix-stack-exhaus.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0070-release-branch.go1.17-encoding-xml-use-iterative-Ski.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0071-release-branch.go1.17-compress-gzip-fix-stack-exhaus.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0072-release-branch.go1.17-crypto-tls-randomly-generate-t.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0073-release-branch.go1.17-crypto-rand-properly-handle-la.patch
golang: fix CVE-2022-32148,CVE-2022-1962,CVE-2022-1705,CVE-2022-30633,
2022-07-27 23:11:25 +08:00
0074-release-branch.go1.17-math-big-check-buffer-lengths-.patch
golang: fix CVE-2022-32189
2022-08-08 19:30:34 +08:00
0075-path-filepath-do-not-remove-prefix-.-when-following-.patch
golang: fix CVE-2022-29804,CVE-2022-29526
2022-08-18 20:02:38 +08:00
0076-release-branch.go1.17-syscall-check-correct-group-in.patch
golang: fix CVE-2022-29804,CVE-2022-29526
2022-08-18 20:02:38 +08:00
0077-release-branch.go1.16-runtime-consistently-access-po.patch
runtime: consistently access pollDesc r/w Gs with atomics
2022-09-13 09:57:27 +08:00
0078-release-branch.go1.18-net-http-update-bundled-golang.patch
golang: fix CVE-2022-27664
2022-09-15 14:31:15 +08:00
0079-release-branch.go1.18-regexp-limit-size-of-parsed-re.patch
golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879
2022-10-13 17:27:12 +08:00
0080-release-branch.go1.18-net-http-httputil-avoid-query-.patch
golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879
2022-10-13 17:27:12 +08:00
0081-release-branch.go1.18-archive-tar-limit-size-of-head.patch
golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879
2022-10-13 17:27:12 +08:00
0082-net-url-reject-query-values-with-semicolons.patch
golang: fix CVE-2022-41715,CVE-2022-2880,CVE-2022-2879
2022-10-13 17:27:12 +08:00
0083-syscall-os-exec-reject-environment-variables-contain.patch
golang: fix CVE-2022-41716
2022-11-21 11:39:21 +08:00
0084-release-branch.go1.18-net-http-update-bundled-golang.patch
golang: fix CVE-2022-41717
2023-02-09 15:23:16 +08:00
0085-all-update-vendored-golang.org-x-net.patch
golang: fix CVE-2022-41723,CVE-2022-41724,CVE-2022-41725
2023-03-27 16:25:01 +08:00
0086-release-branch.go1.19-crypto-tls-replace-all-usages-.patch
golang: fix CVE-2022-41723,CVE-2022-41724,CVE-2022-41725
2023-03-27 16:25:01 +08:00
0087-release-branch.go1.19-mime-multipart-limit-memory-in.patch
golang-1.15: fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,
2023-04-13 17:40:03 +08:00
0088-release-branch.go1.19-net-textproto-avoid-overpredic.patch
golang-1.15: fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,
2023-04-13 17:40:03 +08:00
0089-release-branch.go1.19-go-scanner-reject-large-line-a.patch
golang-1.15: fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,
2023-04-13 17:40:03 +08:00
0090-release-branch.go1.19-html-template-disallow-actions.patch
golang-1.15: fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,
2023-04-13 17:40:03 +08:00
0091-release-branch.go1.19-mime-multipart-avoid-excessive.patch
golang-1.15: fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,
2023-04-13 17:40:03 +08:00
0092-release-branch.go1.19-net-textproto-mime-multipart-i.patch
golang-1.15: fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,
2023-04-13 17:40:03 +08:00
0093-release-branch.go1.19-mime-multipart-limit-parsed-mi.patch
golang-1.15: fix CVE-2023-24534,CVE-2023-24536,CVE-2023-24537,
2023-04-13 17:40:03 +08:00
0094-runtime-don-t-take-allglock-in-tracebackothers.patch
golang-1.15: fix a deadlock issue when a signal is received
2023-04-14 18:36:58 +08:00
0095-runtime-encapsulate-access-to-allgs.patch
golang-1.15: fix a deadlock issue when a signal is received
2023-04-14 18:36:58 +08:00
0096-Backport-html-template-emit-filterFailsafe-for-empty.patch
bugfix: fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540
2023-05-22 23:01:57 +08:00
0097-Backport-html-template-handle-all-JS-whitespace-char.patch
bugfix: fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540
2023-05-22 23:01:57 +08:00
0098-Backport-html-template-disallow-angle-brackets-in-CS.patch
bugfix: fix CVE-2023-29400,CVE-2023-24539,CVE-2023-24540
2023-05-22 23:01:57 +08:00
0099-Backport-cmd-go-disallow-package-directories-contain.patch
cvefix: CVE-2023-29402,CVE-2023-29404,CVE-2023-29405,CVE-2023-29403
2023-06-29 00:03:17 +08:00
0100-Backport-cmd-go-enforce-flags-with-non-optional-argu.patch
cvefix: CVE-2023-29402,CVE-2023-29404,CVE-2023-29405,CVE-2023-29403
2023-06-29 00:03:17 +08:00
0101-Backport-cmd-go-cmd-cgo-in-_cgo_flags-use-one-line-p.patch
cvefix: CVE-2023-29402,CVE-2023-29404,CVE-2023-29405,CVE-2023-29403
2023-06-29 00:03:17 +08:00
0102-Backport-runtime-implement-SUID-SGID-protections.patch
bugfix: fix build error for go test runtime
2023-07-07 17:17:03 +08:00
0103-Backport-net-http-validate-Host-header-before-sendin.patch
cvefix:fix CVE-2023-29406
2023-07-25 11:31:41 +08:00
0104-Backport-crypto-tls-restrict-RSA-keys-in-certificate.patch
cvefix:fix CVE-2023-29409
2023-08-18 10:54:19 +08:00
0105-Backport-net-http-permit-requests-with-invalid-Host-headers.patch
permit requests with invalid Host headers
2023-08-25 15:39:10 +08:00
0106-Backport-html-template-support-HTML-like-comments-in.patch
fix CVE-2023-39318 and CVE-2023-39319
2023-09-25 11:49:03 +08:00
0107-Backport-html-template-properly-handle-special-tags-.patch
fix CVE-2023-39318 and CVE-2023-39319
2023-09-25 11:49:03 +08:00
0108-Backport-cmd-compile-use-absolute-file-name-in-isCgo.patch
cvefix:fix CVE-2023-39323
2023-10-28 12:55:03 +08:00
0109-CVE-2023-39325-and-CVE-2023-44487-net-http-regenerate-h2_bundle.go.patch
cvefix: fix CVE-2023-39325
2023-10-28 16:41:27 +08:00
0110-CVE-2023-39326-net-http-limit-chunked-data-overhead.patch
cvefix: fix CVE-2023-39326,CVE-2023-45285
2023-12-15 20:45:38 +08:00
0111-CVE-2023-45285-cmd-go-internal-vcs-error-out-if-the-reques.patch
cvefix: fix CVE-2023-39326,CVE-2023-45285
2023-12-15 20:45:38 +08:00
0112-fix-test-error-about-mod_insecure_issue63845.patch
fix test error about mod_insecure_issue63845
2023-12-27 15:55:16 +08:00
0113-release-branch.go1.21-crypto-x509-make-sure-pub-key-.patch
backport:fix CVE-2024-24783,CVE-2024-24785,CVE-2023-45290,CVE-2023-45289
2024-03-15 16:32:46 +08:00
0114-release-branch.go1.21-html-template-escape-additiona.patch
bugfix: fix failure of net/http unit test
2024-03-28 12:54:11 +08:00
0115-net-textproto-mime-multipart-avoid-unbounded-read-in.patch
bugfix: fix failure of net/http unit test
2024-03-28 12:54:11 +08:00
0116-release-branch.go1.21-net-http-net-http-cookiejar-av.patch
bugfix: fix failure of net/http unit test
2024-03-28 12:54:11 +08:00
0117-Backport-net-mail-properly-handle-special-characters.patch
backport: fix CVE-2024-24784
2024-03-28 12:56:17 +08:00
0118-1.15-backport-runtime-decrement-netpollWaiters-in-ne.patch
backport the upstream patch, fix the overflow issue in runtime.netpollWaiters
2024-03-28 17:32:39 +08:00
0119-1.15-backport-runtime-adjust-netpollWaiters-after-go.patch
backport the upstream patch, fix the overflow issue in runtime.netpollWaiters
2024-03-28 17:32:39 +08:00
0120-Backport-net-http-update-bundled-golang.org-x-net-ht.patch
backport: fix CVE-2023-45288
2024-04-16 11:58:08 +08:00
0121-Backport-cmd-go-disallow-lto_library-in-LDFLAGS.patch
backport: fix CVE-2024-24787
2024-05-28 09:23:43 +08:00
0122-Backport-archive-zip-treat-truncated-EOCDR-comment-a.patch
golang: fix CVE-2024-24789
2024-06-24 22:15:34 +08:00
0123-Backport-net-http-send-body-or-close-connection-on-e.patch
fix CVE-2024-24791
2024-08-13 16:31:28 +08:00
0124-CVE-2024-34155-track-depth-in-nested-element-lists.patch
fix CVE-2024-3415.
2024-09-29 19:18:58 +08:00
0125-Backport-encoding-gob-cover-missed-cases-when-checking-ignore.patch
[Backport-20.03-LTS-SP4]fix CVE-2024-34156
2024-11-04 15:10:27 +08:00
0126-CVE-2024-45341-crypto-x509-properly-check-for-IPv6-h.patch
[Backport]fix CVE-2024-45341 CVE-2024-45336
2025-02-21 14:42:54 +08:00
0127-CVE-2024-45336-net-http-persist-header-stripping-acr.patch
remove 0001-drop-hard-code-cert.patch and modify CVE-2024-45336
2025-02-25 15:45:34 +08:00
0128-CVE-2025-22870-do-not-mismatch-IPv6-zone-ids-ag.patch
[backport]fix CVE-2025-22870
2025-04-09 16:01:32 +08:00
go1.15.7.src.tar.gz
golang: upgrade to 1.15.7
2021-03-12 16:17:36 +08:00
golang.spec
[backport]fix CVE-2025-22870
2025-04-09 16:01:32 +08:00
golang.yaml
golang: upgrade to 1.13.15
2020-08-18 20:36:44 +08:00
Description
No description provided
83 MiB
Languages
Diff 100%