Upstream has updated the Go compiler to not use gold when building for
arm, and is waiting for a fix to binutils (released in 2.41) before
doing the same for aarch64.[1]
Based on the above, it does not appear that
golang/go#49748 will be merged. This removes the
patch from that pull request.
[1]: golang/go#22040
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Includes fixes for:
* 1.20.1:
* CVE-2022-41722: path/filepath: path traversal in filepath.Clean on
Windows
* CVE-2022-41723: net/http: avoid quadratic complexity in HPACK
decoding
* CVE-2022-41724: crypto/tls: large handshake records may cause panics
* CVE-2022-41725: net/http, mime/multipart: denial of service from
excessive resource consumption
* 1.20.2:
* CVE-2023-24532: crypto/elliptic: specific unreduced P-256 scalars
produce incorrect results
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
