Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

go1.20-libstd-1.20.14-slfo.1.1.6 RPM for x86_64

From OpenSuSE Leap 16.0 for x86_64

Name: go1.20-libstd Distribution: SUSE Linux Framework One
Version: 1.20.14 Vendor: SUSE LLC <https://www.suse.com/>
Release: slfo.1.1.6 Build date: Mon Aug 26 11:17:26 2024
Group: Development/Languages/Go Build host: h01-ch2d
Size: 31785984 Source RPM: go1.20-1.20.14-slfo.1.1.6.src.rpm
Packager: https://www.suse.com/
Url: https://go.dev/
Summary: Go compiled shared library libstd.so
Go standard library compiled to a dynamically loadable shared object libstd.so

Provides

Requires

License

BSD-3-Clause

Changelog

* Tue Feb 06 2024 jkowalczyk@suse.com
  - go1.20.14 (released 2024-02-06) includes fixes to the crypto/x509
    package.
    Refs boo#1206346 go1.20 release tracking
    * go#64760 staticlockranking builders failing on release branches on LUCI
    * go#65322 crypto: rollback BoringCrypto fips-20220613 update
    * go#65379 crypto/x509: TestIssue51759 consistently failing on gotip-darwin-amd64_10.15 LUCI builder
* Tue Jan 09 2024 jkowalczyk@suse.com
  - go1.20.13 (released 2024-01-09) includes fixes to the runtime and
    the crypto/tls package.
    Refs boo#1206346 go1.20 release tracking
    * go#63910 x/build,os/signal: TestDetectNohup and TestNohup fail on replacement darwin LUCI builders
    * go#64409 runtime: ReadMemStats fatal error: mappedReady and other memstats are not equal
    * go#64718 crypto: upgrade to BoringCrypto fips-20220613 and enable TLS 1.3
* Tue Dec 05 2023 jkowalczyk@suse.com
  - go1.20.12 (released 2023-12-05) includes security fixes to the go
    command, and the net/http and path/filepath packages, as well as
    bug fixes to the compiler and the go command.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-45285 CVE-2023-45284 CVE-2023-39326
    * go#63972 go#63845 boo#1217834 security: fix CVE-2023-45285 cmd/go: git VCS qualifier in module path uses git:// scheme
    * go#64040 go#63713 boo#1216943 security: fix CVE-2023-45284 path/filepath: Clean removes ending slash for volume on Windows in Go 1.21.4
    * go#64434 go#64433 boo#1217833 security: fix CVE-2023-39326 net/http: limit chunked data overhead
    * go#63983 cmd/compile: internal compiler error: panic during prove while compiling: unexpected induction with too many parents
    * go#63988 cmd/go: TestScript/mod_get_direct fails with "Filename too long" on Windows
* Tue Nov 07 2023 jkowalczyk@suse.com
  - go1.20.11 (released 2023-11-07) includes security fixes to the
    path/filepath package, as well as bug fixes to the linker and the
    net/http package.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-45283 CVE-2023-45284
    * go#63714 go#63713 boo#1216943 boo#1216944 security: fix CVE-2023-45283 CVE-2023-45284 path/filepath: insecure parsing of Windows paths
    * go#63316 cmd/link: split text sections for arm 32-bit
    * go#63740 net/http: http2 page fails on firefox/safari if pushing resources
* Tue Oct 10 2023 jkowalczyk@suse.com
  - go1.20.10 (released 2023-10-10) includes a security fix to the
    net/http package.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-39325 CVE-2023-44487
    * go#63426 go#63417 boo#1216109 security: fix CVE-2023-39325 CVE-2023-44487 net/http: rapid stream resets can cause excessive work
* Thu Oct 05 2023 jkowalczyk@suse.com
  - go1.20.9 (released 2023-10-05) includes one security fixes to the
    cmd/go package, as well as bug fixes to the go command and the
    linker.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-39323
    * go#63213 go#63211 boo#1215985 security: fix CVE-2023-39323 cmd/go: line directives allows arbitrary execution during build
    * go#62597 cmd/link: issues with Apple's new linker in Xcode 15 beta
* Wed Sep 06 2023 jkowalczyk@suse.com
  - go1.20.8 (released 2023-09-06) includes two security fixes to the
    html/template package, as well as bug fixes to the compiler, the
    go command, the runtime, and the crypto/tls, go/types, net/http,
    and path/filepath packages.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-39318 CVE-2023-39319
    * go#62395 go#62196 boo#1215084 security: fix CVE-2023-39318 html/template: improper handling of HTML-like comments within script contexts
    * go#62397 go#62197 boo#1215085 security: fix CVE-2023-39319 html/template: improper handling of special tags within script contexts
    * go#61198 cmd/go: extended forwards compatibility for Go
    * go#61744 go/types: interface.Complete panics for interfaces with duplicate methods
    * go#61826 net/http: go 1.20.6 host validation breaks setting Host to a unix socket address
    * go#61867 path/filepath: Clean on some invalid Windows paths can lose .. components
    * go#61873 cmd/go: using a module path without dot fails to build after toolchain selection
    * go#61966 crypto/tls: add GODEBUG to control max RSA key size
    * go#62018 runtime: execution halts with goroutines stuck in runtime.gopark (protocol error E08 during memory read for packet)
    * go#62056 cmd/compile: internal compiler error: 'F': func F, startMem[b1] has different values
    * go#62070 cmd/api: make non-importable
* Tue Sep 05 2023 jkowalczyk@suse.com
  - Add missing directory pprof html asset directory to package.
    Refs boo#1215090
    * src/cmd/vendor/github.com/google/pprof/internal/driver/html/
      dir containing html assets is present in upstream Go
      distribution but missing from SUSE go1.x packages
    * Go programs importing runtime/pprof may fail with error:
      /usr/lib64/go/1.21/src/cmd/vendor/github.com/google/pprof/internal/driver/webhtml.go
      pattern html: no matching files found
    * Reformat adjacent commment in spec file
* Tue Aug 01 2023 jkowalczyk@suse.com
  - go1.20.7 (released 2023-08-01) includes a security fix to the
    crypto/tls package, as well as bug fixes to the assembler and the
    compiler.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-29409
    * go#61580 go#61460 boo#1213880 security: fix CVE-2023-29409 crypto/tls: restrict RSA keys in certificates to <= 8192 bits
    * go#61320 cmd/compile: ppc64le: sign extension issue in go 1.21rc2
    * go#61449 net: TestInterfaceArrivalAndDepartureZoneCache is broken on linux-arm64
    * go#61471 cmd/compile: failed to make Go on riscv64 CPU with numa
* Tue Jul 11 2023 jkowalczyk@suse.com
  - go1.20.6 (released 2023-07-11) includes a security fix to the
    net/http package, as well as bug fixes to the compiler, cgo, the
    cover tool, the go command, the runtime, and the crypto/ecdsa,
    go/build, go/printer, net/mail, and text/template packages.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-29406
    * go#61076 go#60374 boo#1213229 security: fix CVE-2023-29406 net/http: insufficient sanitization of Host header
    * go#60352 cmd/go: go mod tidy introduces ambiguous imports in pruned modules
    * go#60535 runtime: TLS slot index over 64 and crash
    * go#60675 cmd/compile: internal compiler error: out of range for go.shape.int64
    * go#60698 cmd/go: go list fails with submodules which have test-only dependencies
    * go#60744 crypto/ecdsa: P521 ecdsa.Verify panics with malformed message
    * go#60754 cmd/go: panic: LoadImport called with empty package path when listing GOROOT/test/*.go
    * go#60760 runtime: checkdead fires due to suspected race in the Go runtime when GOMAXPROCS=1 on AWS
    * go#60802 text/template: key/value assignment is reversed within range loop
    * go#60845 runtime: SIGSEGV in race + coverage mode
    * go#60849 cmd/go: go test deadlocked without enforcing timeouts when killed with ^C
    * go#60874 net/mail: mail.ReadMessage in 1.20 cannot parse mbox headers
    * go#60875 net/mail: characters allowed in RFC 5322 are invalid while parsing email header
    * go#60927 x/tools/go/analysis/unitchecker: TestVetStdlib failures
    * go#60947 crypto/x509: TestSystemVerify/EKULeafValid fails on LUCI
    * go#60949 runtime: goroutines that stop after calling runtime.RaceDisable break race detector
    * go#61055 runtime: TestWindowsStackMemory flakes on windows-386-2016
* Tue Jun 06 2023 jkowalczyk@suse.com
  - go1.20.5 (released 2023-06-06) includes four security fixes to
    the cmd/go and runtime packages, as well as bug fixes to the
    compiler, the go command, the runtime, and the crypto/rsa, net,
    and os packages.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-29402 CVE-2023-29403 CVE-2023-29404 CVE-2023-29405
    * go#60516 go#60167 boo#1212073 security: fix CVE-2023-29402 cmd/go: cgo code injection
    * go#60518 go#60272 boo#1212074 security: fix CVE-2023-29403 runtime: unexpected behavior of setuid/setgid binaries
    * go#60512 go#60305 boo#1212075 security: fix CVE-2023-29404 cmd/go: improper sanitization of LDFLAGS
    * go#60514 go#60306 boo#1212076 security: fix CVE-2023-29405 cmd/go: improper sanitization of LDFLAGS
    * go#58927 crypto/rsa: 4096 bit keys are not generated with BoringCrypto
    * go#59975 cmd/compile: multiple memories live at block start
    * go#60001 cmd/go: missing checksums for dependencies of go get arguments and tests of external dependencies
    * go#60217 os: Read of a device driver fails only with Go 1.20
    * go#60458 cmd/go: document GOROOT/bin/go PATH entry for go test and go generate
* Tue May 02 2023 jkowalczyk@suse.com
  - go1.20.4 (released 2023-05-02) includes three security fixes to
    the html/template package, as well as bug fixes to the compiler,
    the runtime, and the crypto/subtle, crypto/tls, net/http, and
    syscall packages.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-29400 CVE-2023-24540 CVE-2023-24539
    * go#59812 go#59720 boo#1211029 security: fix CVE-2023-24539 html/template: improper sanitization of CSS values
    * go#59814 go#59721 boo#1211030 security: fix CVE-2023-24540 html/template: improper handling of JavaScript whitespace
    * go#59816 go#59722 boo#1211031 security: fix CVE-2023-29400 html/template: improper handling of empty HTML attributes
    * go#59064 runtime: automatically bump RLIMIT_NOFILE on Unix
    * go#59336 crypto/subtle: xor fails when run with race+purego
    * go#59374 cmd/compile: encoding/binary.PutUint16 sometimes doesn't write
    * go#59450 cmd/compile: internal compiler error: cannot call SetType(go.shape.int) on v (type int)
    * go#59468 cmd/compile: miscompilation in star-tex.org/x/cmd/star-tex
    * go#59469 net/http: FileServer no longer serves content for POST
    * go#59540 crypto/tls: TLSv1.3 connection fails with invalid PSK binder
    * go#59580 cmd/compile: incorrect inline function variable
    * go#59585 cmd/compile: Unified IR exports table is binary unstable in presence of generics
    * go#59637 go/internal/gcimporter: lookupGorootExport should use the go command from build.Default.GOROOT
* Tue May 02 2023 jkowalczyk@suse.com
  - Packaging revert go1.x Suggests go1.x-race boo#1210963
    * Upstream go binary distributions do include race detector .syso
    * Default Recommends for subpackages is best suited in this case
* Fri Apr 28 2023 jkowalczyk@suse.com
  - Packaging improvements:
    * Re-enable binary stripping and debuginfo boo#1210938
    * go1.x Suggests go1.x-race do not install by default boo#1210963
    * Use Group: Development/Languages/Go instead of Other
* Tue Apr 04 2023 jkowalczyk@suse.com
  - go1.20.3 (released 2023-04-04) includes security fixes to the
    go/parser, html/template, mime/multipart, net/http, and
    net/textproto packages, as well as bug fixes to the compiler, the
    linker, the runtime, and the time package.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-24534 CVE-2023-24536 CVE-2023-24537 CVE-2023-24538
    * go#59268 go#58975 boo#1210127 security: fix CVE-2023-24534 net/http, net/textproto: denial of service from excessive memory allocation
    * go#59270 go#59153 boo#1210128 security: fix CVE-2023-24536 net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption
    * go#59274 go#59180 boo#1210129 security: fix CVE-2023-24537 go/parser: infinite loop in parsing
    * go#59272 go#59234 boo#1210130 security: fix CVE-2023-24538 html/template: backticks not treated as string delimiters
    * go#58920 x/text: building as a plugin failure on darwin/arm64
    * go#58938 cmd/go: timeout on darwin-amd64-race builder
    * go#58942 internal/testpty: fails on some Linux machines due to incorrect error handling
    * go#58954 cmd/link: Incorrect symbol linked in darwin/arm64
    * go#59051 cmd/link: linker fails on linux/amd64 when gcc's lto options are used
    * go#59059 cmd/link/internal/arm: off-by-one error in trampoline phase call reachability calculation
    * go#59075 time: time zone lookup using extend string makes wrong start time for non-DST zones
    * go#59220 runtime: crash on linux-ppc64le
    * go#59236 cmd/compile: crypto/elliptic build error under -linkshared mode
    * go#59296 cmd/compile: unsafe.SliceData incoherent resuilt with nil argument
* Tue Apr 04 2023 jkowalczyk@suse.com
  - Build subpackage go1.x-libstd compiled shared object libstd.so
    only on Tumbleweed at this time.
    Refs jsc#PED-1962
* Thu Mar 09 2023 jkowalczyk@suse.com
  - Add subpackage go1.x-libstd for compiled shared object libstd.so.
    Refs jsc#PED-1962
    * Main go1.x package included libstd.so in previous versions
    * Split libstd.so into subpackage that can be installed standalone
    * Continues the slimming down of main go1.x package by 40 Mb
    * Experimental and not recommended for general use, Go currently has no ABI
    * Upstream Go has not committed to support buildmode=shared long-term
    * Do not use in packaging, build static single binaries (the default)
    * Upstream Go go1.x binary releases do not include libstd.so
    * go1.x Suggests go1.x-libstd so not installed by default Recommends
    * go1.x-libstd does not Require: go1.x so can install standalone
    * Provides go-libstd unversioned package name
    * Fix build step -buildmode=shared std to omit -linkshared
  - Packaging improvements:
    * go1.x Suggests go1.x-doc so not installed by default Recommends
    * Use Group: Development/Languages/Go instead of Other
* Tue Mar 07 2023 jkowalczyk@suse.com
  - go1.20.2 (released 2023-03-07) includes a security fix to the
    crypto/elliptic package, as well as bug fixes to the compiler,
    the covdata command, the linker, the runtime, and the
    crypto/ecdh, crypto/rsa, crypto/x509, os, and syscall packages.
    Refs boo#1206346 go1.20 release tracking
    CVE-2023-24532
    * go#58720 go#58647 boo#1209030 security: fix CVE-2023-24532 crypto/elliptic: specific unreduced P-256 scalars produce incorrect results
    * go#58427 cmd/covdata: short read on string table when merging coverage counters
    * go#58442 runtime: some linkname signatures do not match
    * go#58444 cmd/compile: inline static init cause compile time error
    * go#58467 cmd/compile: internal compiler error: '(*Tree[go.shape.int]).RemoveParent.func1': value .dict (nil) incorrectly live at entry
    * go#58498 crypto/ecdh: ECDH method doesn't check curve
    * go#58503 cmd/link: relocation truncated to fit: R_ARM_CALL against `runtime.duffcopy'
    * go#58505 crypto/internal/bigmod: flag amd64 assembly as noescape
    * go#58531 runtime: endless traceback when panic in generics funtion
    * go#58536 runtime: long latency of sweep assists
    * go#58624 syscall.Faccessat and os.LookPath regression in Go 1.20
    * go#58627 os: cmd/go gets error "copy_file_range: function not implemented"
    * go#58717 net: TestTCPSelfConnect failures due to unexpected connections
    * go#58774 syscall: Environ uses an invalid unsafe.Pointer conversion on Windows
    * go#58776 cmd/compile: ICE on method value involving imported anonymous interface
    * go#58793 crypto/x509: Incorrect documentation for ParsePKCS8PrivateKey
    * go#58811 crypto/x509: TestSystemVerify consistently failing
* Fri Feb 17 2023 dmueller@suse.com
  - Improvements to go1.x packaging spec:
    * On Tumbleweed bootstrap with current default gcc13 and gccgo118
    * On SLE-12 aarch64 ppc64le ppc64 remove overrides to bootstrap
      using go1.x package (%bcond_without gccgo). This is no longer
      needed on current SLE-12:Update and removing will consolidate
      the build configurations used.
    * Change source URLs to go.dev as per Go upstream
    * On x86_64 export GOAMD64=v1 as per the current baseline.
      At this time forgo GOAMD64=v3 option for x86_64_v3 support.
    * On x86_64 %define go_amd64=v1 as current instruction baseline
    * In %check on x86_64 use value %go_amd64=v1 as GOAMD64=v1 to
      grep correct TSAN version is checked out from LLVM with new
      spelling for internal/amd64v1/race_linux.syso
* Tue Feb 14 2023 jkowalczyk@suse.com
  - go1.20.1 (released 2023-02-14) includes security fixes to the
    crypto/tls, mime/multipart, net/http, and path/filepath packages,
    as well as bug fixes to the compiler, the go command, the linker,
    the runtime, and the time package.
    Refs boo#1206346 go1.20 release tracking
    CVE-2022-41722 CVE-2022-41723 CVE-2022-41724 CVE-2022-41725
    * go#57276 boo#1208269 security: fix CVE-2022-41722 path/filepath: path traversal in filepath.Clean on Windows
    * go#58356 boo#1208270 security: fix CVE-2022-41723 net/http: avoid quadratic complexity in HPACK decoding
    * go#58359 boo#1208271 security: fix CVE-2022-41724 crypto/tls: large handshake records may cause panics
    * go#58363 boo#1208272 security: fix CVE-2022-41725 net/http, mime/multipart: denial of service from excessive resource consumption
    * go#58117 time: update zoneinfo_abbrs on Windows
    * go#58224 cmd/link: .go.buildinfo is gc'ed by --gc-sections
    * go#58309 cmd/compile/internal/pgo: Detect sample value position instead of hard-coding
    * go#58319 cmd/compile: constant overflows when assigned to package level var (Go 1.20 regression)
    * go#58335 cmd/compile: internal compiler error: panic: interface conversion: ir.Node is *ir.CompLitExpr, not *ir.Name
    * go#58413 cmd/compile: internal compiler error: Type.Elem UNION
    * go#58419 runtime: GOOS=ios fails Apple's app validation due to use of private API
    * go#58421 cmd/go/internal/test: stale flagdefs.go not detected by tests
    * go#58431 all: test failures with ETXTBSY
    * go#58450 cmd/go/internal/modfetch: TestCodeRepo/gopkg.in_natefinch_lumberjack.v2/latest failing
* Wed Feb 01 2023 jkowalczyk@suse.com
  - go1.20 (released 2023-02-01) is a major release of Go.
    go1.20.x minor releases will be provided through February 2024.
    https://github.com/golang/go/wiki/Go-Release-Cycle
    go1.20 arrives six months after go1.19. Most of its changes are
    in the implementation of the toolchain, runtime, and libraries.
    As always, the release maintains the Go 1 promise of
    compatibility. We expect almost all Go programs to continue to
    compile and run as before.
    Refs boo#1206346 go1.20 release tracking
    Refs jsc#PED-1962
    * Go 1.20 includes four changes to the language
    * Language change: Go 1.17 added conversions from slice to an
      array pointer. Go 1.20 extends this to allow conversions from a
      slice to an array
    * Language change: The unsafe package defines three new functions
      SliceData, String, and StringData. Along with Go 1.17's Slice,
      these functions now provide the complete ability to construct
      and deconstruct slice and string values, without depending on
      their exact representation.
    * Language change: The specification now defines that struct
      values are compared one field at a time, considering fields in
      the order they appear in the struct type definition, and
      stopping at the first mismatch. The specification could
      previously have been read as if all fields needed to be
      compared beyond the first mismatch. Similarly, the
      specification now defines that array values are compared one
      element at a time, in increasing index order. In both cases,
      the difference affects whether certain comparisons must
      panic. Existing programs are unchanged: the new spec wording
      describes what the implementations have always done.
    * Language change: Comparable types (such as ordinary interfaces)
      may now satisfy comparable constraints, even if the type
      arguments are not strictly comparable (comparison may panic at
      runtime). This makes it possible to instantiate a type
      parameter constrained by comparable (e.g., a type parameter for
      a user-defined generic map key) with a non-strictly comparable
      type argument such as an interface type, or a composite type
      containing an interface type.
    * go command: The directory $GOROOT/pkg no longer stores
      pre-compiled package archives for the standard library: go
      install no longer writes them, the go build no longer checks
      for them, and the Go distribution no longer ships
      them. Instead, packages in the standard library are built as
      needed and cached in the build cache, just like packages
      outside GOROOT. This change reduces the size of the Go
      distribution and also avoids C toolchain skew for packages that
      use cgo. Refs jsc#PED-1962
    * go command: The implementation of go test -json has been
      improved to make it more robust. Programs that run go test
    - json do not need any updates. Programs that invoke go tool
      test2json directly should now run the test binary with
    - v=test2json (for example, go test -v=test2json or ./pkg.test
    - test.v=test2json) instead of plain -v.
    * go command: A related change to go test -json is the addition
      of an event with Action set to start at the beginning of each
      test program's execution. When running multiple tests using the
      go command, these start events are guaranteed to be emitted in
      the same order as the packages named on the command line.
    * go command: The go command now defines architecture feature
      build tags, such as amd64.v2, to allow selecting a package
      implementation file based on the presence or absence of a
      particular architecture feature. See go help buildconstraint
      for details.
    * go command: The go subcommands now accept -C <dir> to change
      directory to <dir> before performing the command, which may be
      useful for scripts that need to execute commands in multiple
      different modules.
    * go command: The go build and go test commands no longer accept
      the -i flag, which has been deprecated since Go 1.16.
    * go command: The go generate command now accepts -skip <pattern>
      to skip //go:generate directives matching <pattern>.
    * go command: The go test command now accepts -skip <pattern> to
      skip tests, subtests, or examples matching <pattern>.
    * go command: When the main module is located within GOPATH/src,
      go install no longer installs libraries for non-main packages
      to GOPATH/pkg, and go list no longer reports a Target field for
      such packages. (In module mode, compiled packages are stored in
      the build cache only, but a bug had caused the GOPATH install
      targets to unexpectedly remain in effect.)
    * go command: The go build, go install, and other build-related
      commands now support a -pgo flag that enables profile-guided
      optimization, which is described in more detail in the Compiler
      section below. The -pgo flag specifies the file path of the
      profile. Specifying -pgo=auto causes the go command to search
      for a file named default.pgo in the main package's directory
      and use it if present. This mode currently requires a single
      main package to be specified on the command line, but we plan
      to lift this restriction in a future release. Specifying
    - pgo=off turns off profile-guided optimization.
    * go command: The go build, go install, and other build-related
      commands now support a -cover flag that builds the specified
      target with code coverage instrumentation. This is described in
      more detail in the Cover section below.
    * go version: The go version -m command now supports reading more
      types of Go binaries, most notably, Windows DLLs built with go
      build -buildmode=c-shared and Linux binaries without execute
      permission.
    * Cgo: The go command now disables cgo by default on systems
      without a C toolchain. More specifically, when the CGO_ENABLED
      environment variable is unset, the CC environment variable is
      unset, and the default C compiler (typically clang or gcc) is
      not found in the path, CGO_ENABLED defaults to 0. As always,
      you can override the default by setting CGO_ENABLED explicitly.
      The most important effect of the default change is that when Go
      is installed on a system without a C compiler, it will now use
      pure Go builds for packages in the standard library that use
      cgo, instead of using pre-distributed package archives (which
      have been removed, as noted above) or attempting to use cgo and
      failing. This makes Go work better in some minimal container
      environments as well as on macOS, where pre-distributed package
      archives have not been used for cgo-based packages since Go
      1.16.
      The packages in the standard library that use cgo are net,
      os/user, and plugin. On macOS, the net and os/user packages
      have been rewritten not to use cgo: the same code is now used
      for cgo and non-cgo builds as well as cross-compiled builds. On
      Windows, the net and os/user packages have never used cgo. On
      other systems, builds with cgo disabled will use a pure Go
      version of these packages.
      On macOS, the race detector has been rewritten not to use cgo:
      race-detector-enabled programs can be built and run without
      Xcode. On Linux and other Unix systems, and on Windows, a host
      C toolchain is required to use the race detector.
    * go cover: Go 1.20 supports collecting code coverage profiles
      for programs (applications and integration tests), as opposed
      to just unit tests. To collect coverage data for a program,
      build it with go build's -cover flag, then run the resulting
      binary with the environment variable GOCOVERDIR set to an
      output directory for coverage profiles. See the 'coverage for
      integration tests' landing page for more on how to get
      started. For details on the design and implementation, see the
      proposal.
    * go vet: Improved detection of loop variable capture by nested
      functions. The vet tool now reports references to loop
      variables following a call to T.Parallel() within subtest
      function bodies. Such references may observe the value of the
      variable from a different iteration (typically causing test
      cases to be skipped) or an invalid state due to unsynchronized
      concurrent access.
    * go vet: The tool also detects reference mistakes in more
      places. Previously it would only consider the last statement
      of the loop body, but now it recursively inspects the last
      statements within if, switch, and select statements.
    * go vet: New diagnostic for incorrect time formats. The vet tool
      now reports use of the time format 2006-02-01 (yyyy-dd-mm) with
      Time.Format and time.Parse. This format does not appear in
      common date standards, but is frequently used by mistake when
      attempting to use the ISO 8601 date format (yyyy-mm-dd).
    * Runtime: Some of the garbage collector's internal data
      structures were reorganized to be both more space and CPU
      efficient. This change reduces memory overheads and improves
      overall CPU performance by up to 2%.
    * Runtime: The garbage collector behaves less erratically with
      respect to goroutine assists in some circumstances.
    * Runtime: Go 1.20 adds a new runtime/coverage package containing
      APIs for writing coverage profile data at runtime from
      long-running and/or server programs that do not terminate via
      os.Exit().
    * Compiler: Go 1.20 adds preview support for profile-guided
      optimization (PGO). PGO enables the toolchain to perform
      application- and workload-specific optimizations based on
      run-time profile information. Currently, the compiler supports
      pprof CPU profiles, which can be collected through usual means,
      such as the runtime/pprof or net/http/pprof packages. To enable
      PGO, pass the path of a pprof profile file via the -pgo flag to
      go build, as mentioned above. Go 1.20 uses PGO to more
      aggressively inline functions at hot call sites. Benchmarks for
      a representative set of Go programs show enabling
      profile-guided inlining optimization improves performance about
      3–4%. See the PGO user guide for detailed documentation. We
      plan to add more profile-guided optimizations in future
      releases. Note that profile-guided optimization is a preview,
      so please use it with appropriate caution.
    * Compiler: The Go 1.20 compiler upgraded its front-end to use a
      new way of handling the compiler's internal data, which fixes
      several generic-types issues and enables type declarations
      within generic functions and methods.
    * Compiler: The compiler now rejects anonymous interface cycles
      with a compiler error by default. These arise from tricky uses
      of embedded interfaces and have always had subtle correctness
      issues, yet we have no evidence that they're actually used in
      practice. Assuming no reports from users adversely affected by
      this change, we plan to update the language specification for
      Go 1.22 to formally disallow them so tools authors can stop
      supporting them too.
    * Compiler: Go 1.18 and 1.19 saw regressions in build speed,
      largely due to the addition of support for generics and
      follow-on work. Go 1.20 improves build speeds by up to 10%,
      bringing it back in line with Go 1.17. Relative to Go 1.19,
      generated code performance is also generally slightly improved.
    * Linker: On Linux, the linker now selects the dynamic
      interpreter for glibc or musl at link time.
    * Linker: On Windows, the Go linker now supports modern
      LLVM-based C toolchains.
    * Linker: Go 1.20 uses go: and type: prefixes for
      compiler-generated symbols rather than go. and type.. This
      avoids confusion for user packages whose name starts with
      go.. The debug/gosym package understands this new naming
      convention for binaries built with Go 1.20 and newer.
    * Bootstrap: When building a Go release from source and
      GOROOT_BOOTSTRAP is not set, previous versions of Go looked for
      a Go 1.4 or later bootstrap toolchain in the directory
      $HOME/go1.4 (%HOMEDRIVE%%HOMEPATH%\go1.4 on Windows). Go 1.18
      and Go 1.19 looked first for $HOME/go1.17 or $HOME/sdk/go1.17
      before falling back to $HOME/go1.4, in anticipation of
      requiring Go 1.17 for use when bootstrapping Go 1.20. Go 1.20
      does require a Go 1.17 release for bootstrapping, but we
      realized that we should adopt the latest point release of the
      bootstrap toolchain, so it requires Go 1.17.13. Go 1.20 looks
      for $HOME/go1.17.13 or $HOME/sdk/go1.17.13 before falling back
      to $HOME/go1.4 (to support systems that hard-coded the path
      $HOME/go1.4 but have installed a newer Go toolchain there). In
      the future, we plan to move the bootstrap toolchain forward
      approximately once a year, and in particular we expect that Go
      1.22 will require the final point release of Go 1.20 for
      bootstrap.
    * Library: Go 1.20 adds a new crypto/ecdh package to provide
      explicit support for Elliptic Curve Diffie-Hellman key
      exchanges over NIST curves and Curve25519. Programs should use
      crypto/ecdh instead of the lower-level functionality in
      crypto/elliptic for ECDH, and third-party modules for more
      advanced use cases.
    * Error handling: Go 1.20 expands support for error wrapping to
      permit an error to wrap multiple other errors.
    * Error handling: An error e can wrap more than one error by
      providing an Unwrap method that returns a []error.
    * Error handling: The errors.Is and errors.As functions have been
      updated to inspect multiply wrapped errors.
    * Error handling: The fmt.Errorf function now supports multiple
      occurrences of the %w format verb, which will cause it to
      return an error that wraps all of those error operands.
    * Error handling: The new function errors.Join returns an error
      wrapping a list of errors.
    * HTTP ResponseController: The new "net/http".ResponseController
      type provides access to extended per-request functionality not
      handled by the "net/http".ResponseWriter interface. The
      ResponseController type provides a clearer, more discoverable
      way to add per-handler controls. Two such controls also added
      in Go 1.20 are SetReadDeadline and SetWriteDeadline, which
      allow setting per-request read and write deadlines.
    * New ReverseProxy Rewrite hook: The httputil.ReverseProxy
      forwarding proxy includes a new Rewrite hook function,
      superseding the previous Director hook.
    * archive/tar: When the GODEBUG=tarinsecurepath=0 environment
      variable is set, Reader.Next method will now return the error
      ErrInsecurePath for an entry with a file name that is an
      absolute path, refers to a location outside the current
      directory, contains invalid characters, or (on Windows) is a
      reserved name such as NUL. A future version of Go may disable
      insecure paths by default.
    * archive/zip: When the GODEBUG=zipinsecurepath=0 environment
      variable is set, NewReader will now return the error
      ErrInsecurePath when opening an archive which contains any file
      name that is an absolute path, refers to a location outside the
      current directory, contains invalid characters, or (on Windows)
      is a reserved names such as NUL. A future version of Go may
      disable insecure paths by default.
    * archive/zip: Reading from a directory file that contains file
      data will now return an error. The zip specification does not
      permit directory files to contain file data, so this change
      only affects reading from invalid archives.
    * bytes: The new CutPrefix and CutSuffix functions are like
      TrimPrefix and TrimSuffix but also report whether the string
      was trimmed.
    * bytes: The new Clone function allocates a copy of a byte slice.
    * context: The new WithCancelCause function provides a way to
      cancel a context with a given error. That error can be
      retrieved by calling the new Cause function.
    * crypto/ecdsa: When using supported curves, all operations are
      now implemented in constant time. This led to an increase in
      CPU time between 5% and 30%, mostly affecting P-384 and P-521.
    * crypto/ecdsa: The new PrivateKey.ECDH method converts an
      ecdsa.PrivateKey to an ecdh.PrivateKey.
    * crypto/ed25519: The PrivateKey.Sign method and the
      VerifyWithOptions function now support signing pre-hashed
      messages with Ed25519ph, indicated by an Options.HashFunc that
      returns crypto.SHA512. They also now support Ed25519ctx and
      Ed25519ph with context, indicated by setting the new
      Options.Context field.
    * crypto/rsa: The new field OAEPOptions.MGFHash allows
      configuring the MGF1 hash separately for OAEP decryption.
    * crypto/rsa: crypto/rsa now uses a new, safer, constant-time
      backend. This causes a CPU runtime increase for decryption
      operations between approximately 15% (RSA-2048 on amd64) and
      45% (RSA-4096 on arm64), and more on 32-bit
      architectures. Encryption operations are approximately 20x
      slower than before (but still 5-10x faster than
      decryption). Performance is expected to improve in future
      releases. Programs must not modify or manually generate the
      fields of PrecomputedValues.
    * crypto/subtle: The new function XORBytes XORs two byte slices
      together.
    * crypto/tls: Parsed certificates are now shared across all
      clients actively using that certificate. The memory savings can
      be significant in programs that make many concurrent
      connections to a server or collection of servers sharing any
      part of their certificate chains.
    * crypto/tls: For a handshake failure due to a certificate
      verification failure, the TLS client and server now return an
      error of the new type CertificateVerificationError, which
      includes the presented certificates.
    * crypto/x509: ParsePKCS8PrivateKey and MarshalPKCS8PrivateKey
      now support keys of type *crypto/ecdh.PrivateKey.
      ParsePKIXPublicKey and MarshalPKIXPublicKey now support keys of
      type *crypto/ecdh.PublicKey. Parsing NIST curve keys still
      returns values of type *ecdsa.PublicKey and *ecdsa.PrivateKey.
      Use their new ECDH methods to convert to the crypto/ecdh types.
    * crypto/x509: The new SetFallbackRoots function allows a program
      to define a set of fallback root certificates in case an
      operating system verifier or standard platform root bundle is
      unavailable at runtime. It will most commonly be used with a
      new package, golang.org/x/crypto/x509roots/fallback, which will
      provide an up to date root bundle.
    * debug/elf: Attempts to read from a SHT_NOBITS section using
      Section.Data or the reader returned by Section.Open now return
      an error.
    * debug/elf: Additional R_LARCH_* constants are defined for use
      with LoongArch systems.
    * debug/elf: Additional R_PPC64_* constants are defined for use
      with PPC64 ELFv2 relocations.
    * debug/elf: The constant value for R_PPC64_SECTOFF_LO_DS is
      corrected, from 61 to 62.
    * debug/gosym: Due to a change of Go's symbol naming conventions,
      tools that process Go binaries should use Go 1.20's debug/gosym
      package to transparently handle both old and new binaries.
    * debug/pe: Additional IMAGE_FILE_MACHINE_RISCV* constants are
      defined for use with RISC-V systems.
    * encoding/binary: The ReadVarint and ReadUvarint functions will
      now return io.ErrUnexpectedEOF after reading a partial value,
      rather than io.EOF.
    * encoding/xml: The new Encoder.Close method can be used to check
      for unclosed elements when finished encoding.
    * encoding/xml: The decoder now rejects element and attribute
      names with more than one colon, such as <a:b:c>, as well as
      namespaces that resolve to an empty string, such as xmlns:a="".
    * encoding/xml: The decoder now rejects elements that use
      different namespace prefixes in the opening and closing tag,
      even if those prefixes both denote the same namespace.
    * errors: The new Join function returns an error wrapping a list
      of errors.
    * fmt: The Errorf function supports multiple occurrences of the
      %w format verb, returning an error that unwraps to the list of
      all arguments to %w.
    * fmt: The new FormatString function recovers the formatting
      directive corresponding to a State, which can be useful in
      Formatter. implementations.
    * go/ast: The new RangeStmt.Range field records the position of
      the range keyword in a range statement.
    * go/ast: The new File.FileStart and File.FileEnd fields record
      the position of the start and end of the entire source file.
    * go/token: The new FileSet.RemoveFile method removes a file from
      a FileSet. Long-running programs can use this to release memory
      associated with files they no longer need.
    * go/types: The new Satisfies function reports whether a type
      satisfies a constraint. This change aligns with the new
      language semantics that distinguish satisfying a constraint
      from implementing an interface.
    * io: The new OffsetWriter wraps an underlying WriterAt and
      provides Seek, Write, and WriteAt methods that adjust their
      effective file offset position by a fixed amount.
    * io/fs: The new error SkipAll terminates a WalkDir immediately
      but successfully.
    * math/big: The math/big package's wide scope and input-dependent
      timing make it ill-suited for implementing cryptography. The
      cryptography packages in the standard library no longer call
      non-trivial Int methods on attacker-controlled inputs. In the
      future, the determination of whether a bug in math/big is
      considered a security vulnerability will depend on its wider
      impact on the standard library.
    * math/rand: The math/rand package now automatically seeds the
      global random number generator (used by top-level functions
      like Float64 and Int) with a random value, and the top-level
      Seed function has been deprecated. Programs that need a
      reproducible sequence of random numbers should prefer to
      allocate their own random source, using
      rand.New(rand.NewSource(seed)).
    * math/rand: Programs that need the earlier consistent global
      seeding behavior can set GODEBUG=randautoseed=0 in their
      environment.
    * math/rand: The top-level Read function has been deprecated. In
      almost all cases, crypto/rand.Read is more appropriate.
    * mime: The ParseMediaType function now allows duplicate
      parameter names, so long as the values of the names are the
      same.
    * mime/multipart: Methods of the Reader type now wrap errors
      returned by the underlying io.Reader.
    * net: The LookupCNAME function now consistently returns the
      contents of a CNAME record when one exists. Previously on Unix
      systems and when using the pure Go resolver, LookupCNAME would
      return an error if a CNAME record referred to a name that with
      no A, AAAA, or CNAME record. This change modifies LookupCNAME
      to match the previous behavior on Windows, allowing LookupCNAME
      to succeed whenever a CNAME exists.
    * net: Interface.Flags now includes the new flag FlagRunning,
      indicating an operationally active interface. An interface
      which is administratively configured but not active (for
      example, because the network cable is not connected) will have
      FlagUp set but not FlagRunning.
    * net: The new Dialer.ControlContext field contains a callback
      function similar to the existing Dialer.Control hook, that
      additionally accepts the dial context as a parameter. Control
      is ignored when ControlContext is not nil.
    * net: The Go DNS resolver recognizes the trust-ad resolver
      option. When options trust-ad is set in resolv.conf, the Go
      resolver will set the AD bit in DNS queries. The resolver does
      not make use of the AD bit in responses.
    * net: DNS resolution will detect changes to /etc/nsswitch.conf
      and reload the file when it changes. Checks are made at most
      once every five seconds, matching the previous handling of
      /etc/hosts and /etc/resolv.conf.
    * net/http: The ResponseWriter.WriteHeader function now supports
      sending 1xx status codes.
    * net/http: The new Server.DisableGeneralOptionsHandler
      configuration setting allows disabling the default OPTIONS *
      handler.
    * net/http: The new Transport.OnProxyConnectResponse hook is
      called when a Transport receives an HTTP response from a proxy
      for a CONNECT request.
    * net/http: The HTTP server now accepts HEAD requests containing
      a body, rather than rejecting them as invalid.
    * net/http: HTTP/2 stream errors returned by net/http functions
      may be converted to a golang.org/x/net/http2.StreamError using
      errors.As.
    * net/http: Leading and trailing spaces are trimmed from cookie
      names, rather than being rejected as invalid. For example, a
      cookie setting of "name =value" is now accepted as setting the
      cookie "name".
    * net/netip: The new IPv6LinkLocalAllRouters and IPv6Loopback
      functions are the net/netip equivalents of net.IPv6loopback and
      net.IPv6linklocalallrouters.
    * os: On Windows, the name NUL is no longer treated as a special
      case in Mkdir and Stat.
    * os: On Windows, File.Stat now uses the file handle to retrieve
      attributes when the file is a directory. Previously it would
      use the path passed to Open, which may no longer be the file
      represented by the file handle if the file has been moved or
      replaced. This change modifies Open to open directories without
      the FILE_SHARE_DELETE access, which match the behavior of
      regular files.
    * os: On Windows, File.Seek now supports seeking to the beginning
      of a directory.
    * os/exec: The new Cmd fields Cancel and WaitDelay specify the
      behavior of the Cmd when its associated Context is canceled or
      its process exits with I/O pipes still held open by a child
      process.
    * path/filepath: The new error SkipAll terminates a Walk
      immediately but successfully.
    * path/filepath: The new IsLocal function reports whether a path
      is lexically local to a directory. For example, if IsLocal(p)
      is true, then Open(p) will refer to a file that is lexically
      within the subtree rooted at the current directory.
    * reflect: The new Value.Comparable and Value.Equal methods can
      be used to compare two Values for equality. Comparable reports
      whether Equal is a valid operation for a given Value receiver.
    * reflect: The new Value.Grow method extends a slice to guarantee
      space for another n elements.
    * reflect: The new Value.SetZero method sets a value to be the
      zero value for its type.
    * reflect: Go 1.18 introduced Value.SetIterKey and
      Value.SetIterValue methods. These are optimizations:
      v.SetIterKey(it) is meant to be equivalent to
      v.Set(it.Key()). The implementations incorrectly omitted a
      check for use of unexported fields that was present in the
      unoptimized forms. Go 1.20 corrects these methods to include
      the unexported field check.
    * regexp: Go 1.19.2 and Go 1.18.7 included a security fix to the
      regular expression parser, making it reject very large
      expressions that would consume too much memory. Because Go
      patch releases do not introduce new API, the parser returned
      syntax.ErrInternalError in this case. Go 1.20 adds a more
      specific error, syntax.ErrLarge, which the parser now returns
      instead.
    * runtime/cgo: Go 1.20 adds new Incomplete marker type. Code
      generated by cgo will use cgo.Incomplete to mark an incomplete
      C type.
    * runtime/metrics: Go 1.20 adds new supported metrics, including
      the current GOMAXPROCS setting (/sched/gomaxprocs:threads), the
      number of cgo calls executed (/cgo/go-to-c-calls:calls), total
      mutex block time (/sync/mutex/wait/total:seconds), and various
      measures of time spent in garbage collection.
    * runtime/metrics: Time-based histogram metrics are now less
      precise, but take up much less memory.
    * runtime/pprof: Mutex profile samples are now pre-scaled, fixing
      an issue where old mutex profile samples would be scaled
      incorrectly if the sampling rate changed during execution.
    * runtime/pprof: Profiles collected on Windows now include memory
      mapping information that fixes symbolization issues for
      position-independent binaries.
    * runtime/trace: The garbage collector's background sweeper now
      yields less frequently, resulting in many fewer extraneous
      events in execution traces.
    * strings: The new CutPrefix and CutSuffix functions are like
      TrimPrefix and TrimSuffix but also report whether the string
      was trimmed.
    * sync: The new Map methods Swap, CompareAndSwap, and
      CompareAndDelete allow existing map entries to be updated
      atomically.
    * syscall: On FreeBSD, compatibility shims needed for FreeBSD 11
      and earlier have been removed.
    * syscall: On Linux, additional CLONE_* constants are defined for
      use with the SysProcAttr.Cloneflags field.
    * syscall: On Linux, the new SysProcAttr.CgroupFD and
      SysProcAttr.UseCgroupFD fields provide a way to place a child
      process into a specific cgroup.
    * testing: The new method B.Elapsed reports the current elapsed
      time of the benchmark, which may be useful for calculating
      rates to report with ReportMetric.
    * time: The new time layout constants DateTime, DateOnly, and
      TimeOnly provide names for three of the most common layout
      strings used in a survey of public Go source code.
    * time: The new Time.Compare method compares two times.
    * time: Parse now ignores sub-nanosecond precision in its input,
      instead of reporting those digits as an error.
    * time: The Time.MarshalJSON method is now more strict about
      adherence to RFC 3339.
    * unicode/utf16: The new AppendRune function appends the UTF-16
      encoding of a given rune to a uint16 slice, analogous to
      utf8.AppendRune.
* Thu Jan 12 2023 jkowalczyk@suse.com
  - go1.20rc3 (released 2023-01-12) is a release candidate version of
    go1.20 cut from the master branch at the revision tagged
    go1.20rc3.
    Refs boo#1206346 go1.20 release tracking
* Wed Jan 04 2023 jkowalczyk@suse.com
  - go1.20rc2 (released 2023-01-04) is a release candidate version of
    go1.20 cut from the master branch at the revision tagged
    go1.20rc2.
    Refs boo#1206346 go1.20 release tracking
* Thu Dec 08 2022 jkowalczyk@suse.com
  - go1.20rc1 (released 2022-12-08) is a release candidate version of
    go1.20 cut from the master branch at the revision tagged
    go1.20rc1.
    Refs boo#1206346 go1.20 release tracking

Files

/usr/lib64/go/1.20/pkg/linux_amd64_dynlink/libstd.so


Generated by rpm2html 1.8.1

Fabrice Bellet, Fri Oct 4 00:15:39 2024