openwrt/packages
1
0
Fork 0
mirror of https://github.com/coolsnowwolf/packages.git synced 2025-05-01 20:00:18 +08:00
Code Issues Packages Projects Releases Wiki Activity
3,072 Commits 2 Branches 0 Tags 31 MiB
42f74cf161
Commit Graph

45 Commits

Author SHA1 Message Date
Tianling Shen
ed2dae7664 golang: backport an upstream fix for non-retpoline-compatible error 
This fixes the following build error:
```
Building targets
runtime
<autogenerated>:1: non-retpoline-compatible: 00200 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/time.go:915)       JMP     (R15)(R12*8)
<autogenerated>:1: non-retpoline-compatible: 00115 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/type.go:614)       JMP     (AX)(SI*8)
<autogenerated>:1: non-retpoline-compatible: 00028 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/time.go:452)       JMP     (R11)(R10*8)
<autogenerated>:1: non-retpoline-compatible: 00021 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/error.go:261)      JMP     (DX)(CX*8)
<autogenerated>:1: non-retpoline-compatible: 00050 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/time.go:691)       JMP     (CX)(R12*8)
<autogenerated>:1: non-retpoline-compatible: 00024 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/debuglog.go:616)   JMP     (CX)(SI*8)
<autogenerated>:1: non-retpoline-compatible: 00079 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/time.go:617)       JMP     (R9)(R8*8)
<autogenerated>:1: non-retpoline-compatible: 00025 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/cgocall.go:453)    JMP     (R9)(DX*8)
<autogenerated>:1: non-retpoline-compatible: 00018 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/type.go:66)        JMP     (DX)(CX*8)
<autogenerated>:1: non-retpoline-compatible: 00020 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/alg.go:156)        JMP     (SI)(DX*8)
<autogenerated>:1: too many errors
```

Fixes: #20026

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
 2023-01-02 15:22:18 +00:00
Tianling Shen
2cc0480cfa golang: Update to 1.19.4 
go1.19.4 (released 2022-12-06) includes security fixes to the net/http
and os packages, as well as bug fixes to the compiler, the runtime,
and the crypto/x509, os/exec, and sync/atomic packages.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
 2022-12-08 16:55:52 +08:00
Tianling Shen
d4b43e83bb golang: Update to 1.19.3 
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
 2022-11-16 15:17:14 +08:00
Stanislav Petrashov
923c9985f2 golang: update to v1.19.2 
Includes fixes for security vulnerabilities:
 * [CVE-2022-27664](https://github.com/advisories/GHSA-69cg-p879-7622) net/http: handle server errors after sending GOAWAY
 * [CVE-2022-32190](https://github.com/golang/go/issues/54385) net/url: JoinPath does not strip relative path components in all circumstances
 * [CVE-2022-2879](https://github.com/golang/go/issues/54853) archive/tar: unbounded memory consumption when reading headers
 * [CVE-2022-2880](https://github.com/golang/go/issues/54663) net/http/httputil: ReverseProxy should not forward unparseable query parameters
 * [CVE-2022-41715](https://github.com/golang/go/issues/55949) regexp/syntax: limit memory used by parsing regexps

Addresses the build failure:
* https://github.com/openwrt/packages/pull/19613

Signed-off-by: Stanislav Petrashov <s@petrashov.ru>
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
 2022-11-16 15:17:14 +08:00
Josef Schlehofer
f932114326 golang: update to version 1.18.8 
Fixes following CVEs:
- CVE-2022-32189 (version 1.18.5 [1]]
- CVE-2022-27664 (version 1.18.6 [2])
- CVE-2022-32190 (version 1.18.6 [2])
- CVE-2022-2879 (version 1.18.7 [3])
- CVE-2022-2880 (version 1.18.7 [3])
- CVE-2022-41715 (version 1.18.7 [3])
- CVE-2022-41716 (version 1.18.8 [4])

and refreshed patch

[1] https://groups.google.com/g/golang-announce/c/YqYYG87xB10
[2] https://groups.google.com/g/golang-announce/c/x49AQzIVX-s
[3] https://groups.google.com/g/golang-announce/c/xtuG5faxtaU
[4] https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
 2022-11-10 10:58:03 +00:00
Beginner-Go
d8090dfa33 Revert "update Golang to 1.19.2" 
This reverts commit 4bdfbb5557.
 2022-11-10 10:55:25 +00:00
sKyissKy
4bdfbb5557
update Golang to 1.19.2 2022-10-23 04:46:12 +08:00
Tianling Shen
bae8c9d2f2 golang: Update to 1.18.6 
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
 2022-09-27 15:03:58 +00:00
Tianling Shen
d72429679b golang: Update to 1.18.5 
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
 2022-09-27 15:03:31 +00:00
Jeffery To
2372ea3c2a golang: Update to 1.18.4 
Includes fixes for:

* CVE-2022-1705: net/http: improper sanitization of Transfer-Encoding
  header
* CVE-2022-1962: go/parser: stack exhaustion in all Parse* functions
* CVE-2022-28131: encoding/xml: stack exhaustion in Decoder.Skip
* CVE-2022-30630: io/fs: stack exhaustion in Glob
* CVE-2022-30631: compress/gzip: stack exhaustion in Reader.Read
* CVE-2022-30632: path/filepath: stack exhaustion in Glob
* CVE-2022-30633: encoding/xml: stack exhaustion in Unmarshal
* CVE-2022-30635: encoding/gob: stack exhaustion in Decoder.Decode
* CVE-2022-32148: net/http/httputil: NewSingleHostReverseProxy - omit
  X-Forwarded-For not working

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-07-18 16:05:48 +00:00
Jeffery To
1b4875aaf4 golang: Update to 1.18.3 
Includes fix for CVE-2022-30634 (crypto/rand: Read hangs when passed
buffer larger than 1<<32 - 1).

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-06-06 15:41:03 +00:00
Michael Pratt
c02f3c350b golang: do not rely on Go script host detection 
for some use cases, for example:
a system with 64 bit kernel
and 32 bit userspace programs

the local Go installation is "detected"
using the kernel "uname",
causing build failure if they happen to differ

by adding the argument GOHOSTARCH using the corresponding make variable
it would be fully controlled in the openwrt git tree
based on the HOST_ARCH make variable.

Signed-off-by: Michael Pratt <mcpratt@pm.me>
 2022-05-31 07:21:05 +00:00
Michael Pratt
19ee8dd834 golang: enable verbose output 
allow the building script of Go to output verbose
when make is executed with "V=s..."

Signed-off-by: Michael Pratt <mcpratt@pm.me>
 2022-05-31 07:20:58 +00:00
Michael Pratt
0aad4a6884 golang: split compile recipe into configure and compile 
the default Configure recipe for packages
assumes that there is a "configure" script
in the source tree directory

Go does not have such a script,
configure and compile is done with the same script

so split the current Compile recipe
into both Configure and Compile recipes

Signed-off-by: Michael Pratt <mcpratt@pm.me>
 2022-05-31 07:20:51 +00:00
Jeffery To
f81d1f541c golang: Update to 1.18.2 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-05-15 08:31:28 +00:00
Jeffery To
73be04691a golang: Fix conditionals not stripped 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-04-16 13:42:34 +00:00
Jeffery To
f30af3053e golang: Update to 1.18.1 
Includes fixes for:
* CVE-2022-24675 - encoding/pem: stack overflow
* CVE-2022-28327 - crypto/elliptic: generic P-256 panic when scalar has
  too many leading zeroes

This also adds -buildvcs=false to omit VCS information in Go programs.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-04-16 13:42:20 +00:00
Jeffery To
1e649c08fe golang: Update to 1.18, update patch 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-04-08 18:20:05 +00:00
lean
c7499f8cde Revert "golang: Update to 1.18, update patch" 
This reverts commit 7b17e78223.
 2022-03-31 13:42:19 +08:00
Jeffery To
7b17e78223 golang: Update to 1.18, update patch 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-03-30 09:44:48 +00:00
Jeffery To
18ebcace9b golang: Update to 1.17.8 
Includes fix for CVE-2022-24921 (regexp: stack overflow (process exit)
handling deeply nested regexp).

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-03-07 09:09:35 +08:00
Jeffery To
f313707d10 golang: Update to 1.17.7, refresh patch 
This includes fixes for:

* CVE-2022-23772: math/big: Rat.SetString may consume large amount of
  RAM and crash

* CVE-2022-23806: crypto/elliptic: IsOnCurve returns true for invalid
  field elements

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-02-15 15:38:25 +00:00
Jeffery To
ccae8636a1 golang: Update to 1.17.6 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2022-01-11 15:16:47 +00:00
Jeffery To
76a804c6db golang: Update to 1.17.5, add patch 
Includes fixes for:
* CVE-2021-44716: unbounded growth of HTTP/2 header canonicalization
  cache
* CVE-2021-44717: syscall.ForkExec error can close file descriptor 0

Added patches:
* 001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2021-12-30 07:11:15 +00:00
Beginner
1e000aaca0 golang: update to 1.17.3 2021-11-14 20:51:33 +08:00
Jeffery To
de9f4929ce golang: Update to 1.17.2 
Includes fix for CVE-2021-38297 (passing very large arguments to WASM
module functions can cause portions of the module to be overwritten).

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2021-10-11 11:21:10 +00:00
Jeffery To
ad1f4e4011 golang: Remove deprecated variables in golang-package.mk 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2021-09-15 13:05:06 +00:00
Jeffery To
559b80842f golang: Update to 1.17.1 
Includes fix for CVE-2021-39293 (archive/zip: overflow in preallocation
check can cause OOM panic).

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2021-09-15 13:04:58 +00:00
Jeffery To
f3dc2471d8 golang: Update to 1.17 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2021-08-22 17:48:44 +00:00
Beginner
29b6d641f8
golang: update to 1.16.7 2021-08-09 22:19:44 +08:00
Beginner
1280dd42ad
golang: update to 1.16.6 2021-07-17 22:18:49 +08:00
Beginner
06a8b55b13
golang: update to 1.16.5 2021-06-06 23:46:20 +08:00
Beginner
b84a1b5d9b
golang: update to 1.16.4 2021-05-09 00:26:12 +08:00
Beginner
9443219776
golang: update to 1.16.3 2021-04-02 15:03:04 +08:00
Beginner
2b1b47ec6a
golang: update to 1.16.2 2021-03-15 20:55:02 +08:00
Beginner-Go
abded7ec1f golang: update v1.16 2021-02-22 09:43:29 +00:00
Beginner
2d4426938d
golang : update v1.15.7 2021-01-20 12:54:01 +08:00
Beginner-Go
e95d80363d update 2020-12-07 16:55:05 +00:00
Beginner-Go
8065ec2902 同步上游 2020-11-30 14:58:15 +00:00
Beginner
451466c517
golang: update v1.15.2 2020-09-26 01:31:21 +08:00
coolsnowwolf
c36ad692b4 packages: sync to new packages 2020-07-08 14:18:52 +08:00
LEAN-ESX
066cb56911 golang: bump to v1.14 2020-02-29 22:50:21 -08:00
Mattraks
1463dd1ecb golang: bump to version 1.13 
luai2c:Delete invalid
 2020-01-22 18:59:52 +08:00
coolsnowwolf
c1476b8296 golang: update to v1.12 2019-04-06 20:19:25 +08:00
coolsnowwolf
d17588da1a first commit 2018-10-18 16:56:47 +08:00