Debian Patches

Status for golang-1.15/1.15.9-6

Patch Description Author Forwarded Bugs Origin Last update
0001-Disable-test-for-UserHomeDir.patch Disable test for UserHomeDir.
On Debian buildds, the user home dir does not exist, so this test fails.
"Dr. Tobias Quathamer" <toddy@debian.org> no 2018-12-19
0002-Fix-Lintian-warnings-about-wrong-interpreter-path.patch Fix Lintian warnings about wrong interpreter path
The command used for this change is as follows:

grep -rH "/usr/bin/env perl" * | cut -d: -f1 | xargs -n1 sed -i -e "s,/usr/bin/env perl,/usr/bin/perl,"
"Dr. Tobias Quathamer" <toddy@debian.org> no 2019-08-01
0003-cmd-go-cmd-cgo-pass-mfp32-and-mhard-soft-float-to-MI.patch cmd/go, cmd/cgo: pass -mfp32 and -mhard/soft-float to MIPS GCC
For mips32 currently, we are using FP32, while gcc may be FPXX,
which may generate .MIPS.abiflags and .gnu.attributes sections with
the value FPXX. So the kernel will treat the exe as FPXX, and may
choose to use FR=1 FPU mode for it.
Currently, in Go, we use 2 lwc1 to load both halves of a double value
into a pair of even-odd FPRs. This behavior can only work in FR=0 mode.

In FR=1 mode, all 32 FPRs are 64-bit. If we lwc1 the high half of a double
value into an odd FPR, and try to use the previous even FPR to compute, the
real high half of the even FPR will be unpredictable.
We set -mfp32 to force gcc to generate FP32 code and section values.

More details about FP32/FPXX/FP64 are explained in:
https://web.archive.org/web/20180828210612/https://dmz-portal.mips.com/wiki/MIPS_O32_ABI_-_FR0_and_FR1_Interlinking

When GOMIPS/GOMIPS64 is set as softfloat, we should also pass
-msoft-float to gcc.

Here we also add -mno-odd-spreg option, since Loongson's CPU cannot use
odd-number FR in FR=0 mode.

Fixes #39435
YunQiang Su <wzssyqa@gmail.com> no 2020-06-09
0004-cmd-dist-fix-build-failure-of-misc-cgo-test-on-arm64.patch cmd/dist: fix build failure of misc/cgo/test on arm64
Test7978 of misc/cgo/test fails in 'dist test' on arm64 if the C compiler
is of GCC-9.4 or above and its 'outline atomics' feature is enabled, since
the internal linking hasn't yet supported "__attribute__((constructor))"
and also mis-handles hidden visibility.

Two changes are made for 'misc/cgo/test' to fix the issue:
1. passing "-tags=internal" for the internal linking PIE case.
2. skipping Test7978 on arm64 for the internal linking cases.

This CL fixes the 'dist test' failure only; the user is expected to pass the option
'-mno-outline-atomics' via CGO_CFLAGS if running into the same problem when
building a cgo program using internal linking.

Updates #39466
Xiangdong Ji <xiangdong.ji@arm.com> no 2020-08-05
0005-cmd-dist-increase-default-timeout-scale-for-arm.patch [PATCH] cmd/dist: increase default timeout scale for arm

Most developers use (faster) amd64 machines when setting the test timeouts,
but tests may run on slower arm ones, and different tests may also suffer
different relative slowdowns on arm CPUs.

Due to those two varying factors it is safer to allow a higher timeout
scale on arm to avoid tests timing out.
Balint Reczey <balint.reczey@canonical.com> yes 2020-08-31
0006-skip-userns-test-in-schroot-as-well.patch skip userns test in schroot as well
When schroot is using overlayfs, it fails to detect it as a chroot.
Shengjing Zhu <zhsj@debian.org> no 2021-02-05
0007-CVE-2021-31525.patch [PATCH] [release-branch.go1.15] std: update golang.org/x/net to 20210428183841-261fb518b1ed

Steps:
go get -d golang.org/x/net@release-branch.go1.15
go mod tidy
go mod vendor

This http2 bundle does not need to be updated.

Fixes #45711
Katie Hockman <katie@golang.org> no 2021-04-28
0008-CVE-2021-33196.patch archive/zip: only preallocate File slice if reasonably sized
Since the number of files in the EOCD record isn't validated, it isn't
safe to preallocate Reader.Files using that field. A malformed archive
can indicate it contains up to 1 << 128 - 1 files. We can still safely
preallocate the slice by checking if the specified number of files in
the archive is reasonable, given the size of the archive.

Thanks to the OSS-Fuzz project for discovering this issue and to
Emmanuel Odeke for reporting it.

Updates #46242
Fixes #46396
Fixes CVE-2021-33196

(cherry picked from commit 74242baa4136c7a9132a8ccd9881354442788c8c)
Roland Shoemaker <roland@golang.org> no backport, https://github.com/golang/go/commit/c92adf420a3d9a5510f9aea382d826f0c9216a10 2021-05-11
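A worked illustration of the check described above, added here and not the patch's own code: parse a constructed EOCD record and trust its entry count only when the archive could physically hold that many entries. The 76-byte-per-entry minimum and the function names are this example's own assumptions, not the archive/zip API.

```go
package main

import "encoding/binary"

// eocdSig is the end-of-central-directory signature "PK\x05\x06".
const eocdSig = 0x06054b50

// minEntryBytes is the smallest on-disk footprint of one entry: a 30-byte
// local file header plus a 46-byte central directory header, both measured
// before their variable-length name and extra fields (assumed lower bound).
const minEntryBytes = 30 + 46

// ParseEOCD reads a 22-byte (comment-less) EOCD record and returns the
// declared total entry count and central directory size.
func ParseEOCD(b []byte) (records, dirSize uint64, ok bool) {
	if len(b) < 22 || binary.LittleEndian.Uint32(b[0:4]) != eocdSig {
		return 0, 0, false
	}
	records = uint64(binary.LittleEndian.Uint16(b[10:12]))
	dirSize = uint64(binary.LittleEndian.Uint32(b[12:16]))
	return records, dirSize, true
}

// SafeFileCap returns the capacity to preallocate for the entry slice. The
// declared count is trusted only when the archive is big enough to hold that
// many minimal entries; otherwise 0 is returned and the slice grows on
// demand, so a forged count cannot force a huge allocation up front.
func SafeFileCap(archiveSize, dirSize, records uint64) int {
	if dirSize > archiveSize {
		return 0 // central directory cannot be larger than the archive
	}
	if archiveSize/minEntryBytes < records {
		return 0 // more entries declared than could physically fit
	}
	return int(records)
}

// forgedEOCD builds a constructed EOCD claiming records entries in a central
// directory of dirSize bytes; the other fields are left zero.
func forgedEOCD(records uint16, dirSize uint32) []byte {
	b := make([]byte, 22)
	binary.LittleEndian.PutUint32(b[0:4], eocdSig)
	binary.LittleEndian.PutUint16(b[8:10], records)  // entries on this disk
	binary.LittleEndian.PutUint16(b[10:12], records) // total entries
	binary.LittleEndian.PutUint32(b[12:16], dirSize)
	return b
}
```

A 22-byte "archive" that is nothing but an EOCD claiming 60000 entries gets a capacity of 0, while 3 declared entries in a 2 KiB archive are preallocated as declared.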
0009-CVE-2021-33195-1.patch [PATCH] [release-branch.go1.15] net: verify results from Lookup* are valid domain names

For the methods LookupCNAME, LookupSRV, LookupMX, LookupNS, and
LookupAddr check that the returned domain names are in fact valid DNS
names using the existing isDomainName function.

Thanks to Philipp Jeitner and Haya Shulman from Fraunhofer SIT for
reporting this issue.

Updates #46241
Fixes #46356
Fixes CVE-2021-33195

(cherry picked from commit cdcd02842da7c004efd023881e3719105209c908)
Roland Shoemaker <roland@golang.org> no 2021-05-27
0010-CVE-2021-33195-2.patch [PATCH] [release-branch.go1.15] net: don't rely on system hosts in TestCVE202133195

Also don't unnecessarily deref the error return.

Updates #46504
Fixes #46531

(cherry picked from commit dd7ba3ba2c860c40be6d70b63d4a678449cae80f)
Roland Shoemaker <roland@golang.org> no 2021-06-02
0011-CVE-2021-33197.patch [PATCH] [release-branch.go1.15] net/http/httputil: always remove hop-by-hop headers

Previously, we'd fail to remove the Connection header from a request
like this:

Connection:
Connection: x-header

Updates #46313
Fixes #46314
Fixes CVE-2021-33197
Filippo Valsorda <filippo@golang.org> no 2021-05-21
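An added example (not the patch's code) showing why the request above slipped through: a proxy that reads only the first Connection value via Header.Get never sees the x-header token, whereas iterating Header.Values catches it. The hop-by-hop list, function names and sample headers are constructed for this example.

```go
package main

import (
	"net/http"
	"strings"
)

// hopHeaders are the RFC 7230 hop-by-hop headers a proxy must strip.
var hopHeaders = []string{
	"Connection", "Proxy-Connection", "Keep-Alive", "Proxy-Authenticate",
	"Proxy-Authorization", "Te", "Trailer", "Transfer-Encoding", "Upgrade",
}

// connectionTokens splits every Connection value on commas and drops blanks.
func connectionTokens(values []string) []string {
	var out []string
	for _, v := range values {
		for _, f := range strings.Split(v, ",") {
			if f = strings.TrimSpace(f); f != "" {
				out = append(out, f)
			}
		}
	}
	return out
}

// NaiveRemove reads only the first Connection value via Get, so with an
// empty "Connection:" ahead of "Connection: x-header" it never sees x-header.
func NaiveRemove(h http.Header) {
	for _, f := range connectionTokens([]string{h.Get("Connection")}) {
		h.Del(f)
	}
	for _, k := range hopHeaders {
		h.Del(k)
	}
}

// RemoveHopByHop walks every Connection value before deleting anything.
func RemoveHopByHop(h http.Header) {
	for _, f := range connectionTokens(h.Values("Connection")) {
		h.Del(f)
	}
	for _, k := range hopHeaders {
		h.Del(k)
	}
}
// Sample is a constructed header set reproducing the case in the commit message.
func Sample() http.Header {
	return http.Header{"Connection": {"", "x-header"}, "X-Header": {"leak"}, "Content-Type": {"text/plain"}}
}
```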
0012-CVE-2021-33198.patch [PATCH] [release-branch.go1.15] math/big: check for excessive exponents in Rat.SetString

Found by OSS-Fuzz https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=33284

Thanks to Emmanuel Odeke for reporting this issue.

Updates #45910
Fixes #46305
Fixes CVE-2021-33198

(cherry picked from commit 6c591f79b0b5327549bd4e94970f7a279efb4ab0)
Robert Griesemer <gri@golang.org> no 2021-05-02
0013-CVE-2021-34558.patch [PATCH] [release-branch.go1.15] crypto/tls: test key type when casting

When casting the certificate public key in generateClientKeyExchange,
check that the type is appropriate. This prevents a panic when a server
agrees to an RSA-based key exchange, but then sends an ECDSA (or
other) certificate.

Updates #47143
Fixes #47144
Fixes CVE-2021-34558

Thanks to Imre Rad for reporting this issue.
Roland Shoemaker <roland@golang.org> no 2021-06-09
