The Reader.ReadResponse function constructs a response string through
repeated string concatenation of lines. When the number of lines in a
response is large, this can cause excessive CPU consumption.
(From OE-Core rev: 512c36af3b9d344606b2ebf54bc2f99b88dfea63)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The processing time for parsing some invalid inputs scales non-linearly with
respect to the size of the input. This affects programs which parse untrusted PEM inputs.
(From OE-Core rev: 228e4aa70743b92eaf1abd5526827b34b33f3419)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The Parse function permits values other than IPv6 addresses to be included
in square brackets within the host component of a URL. RFC 3986 permits
IPv6 addresses to be included within the host component, enclosed within
square brackets. For example: "http://[::1]/". IPv4 addresses and hostnames
must not appear within square brackets. Parse did not enforce this requirement.
(From OE-Core rev: c5fc59eb87d0f92ba8596b7848d16d59773582a0)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
When Conn.Handshake fails during ALPN negotiation the error contains attacker
controlled information (the ALPN protocols sent by the client) which is not escaped.
(From OE-Core rev: e734cf62f24640d116c901dd97e09ddbb1f0cc4f)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Validating certificate chains which contain DSA public keys can cause
programs to panic, due to a interface cast that assumes they implement
the Equal method. This affects programs which validate arbitrary certificate chains.
(From OE-Core rev: b532fa208d0b102326642a2fba8b17661a14307e)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Due to the design of the name constraint checking algorithm, the processing
time of some inputs scals non-linearly with respect to the size of the certificate.
This affects programs which validate arbitrary certificate chains.
(From OE-Core rev: ce1626d1f1e232bc6da81e89088d0c0f5f3c52b4)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Parsing a maliciously crafted DER payload could allocate large amounts of memory,
causing memory exhaustion.
(From OE-Core rev: f27acc863ee34b56e2c49dc96ad2b58fb35e2d46)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
If the PATH environment variable contains paths which are executables
(rather than just directories), passing certain strings to LookPath
("", ".", and ".."), can result in the binaries listed in the PATH
being unexpectedly returned.
(From OE-Core rev: ed6df1883225ec08e637a0d7a15a6a5da4665d8d)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This was already done for all other go recipes.
(From OE-Core rev: 63dfdbf774dc24ea4e736a6d13d6aa8c72ebee4d)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Cancelling a query (e.g. by cancelling the context passed to one of
the query methods) during a call to the Scan method of the returned
Rows can result in unexpected results if other queries are being made
in parallel. This can result in a race condition that may overwrite
the expected results with those of another query, causing the call to
Scan to return either unexpected results from the other query or an
error.
Reference:
https://nvd.nist.gov/vuln/detail/CVE-2025-47907
Upstream-patch:
8a924caaf3
(From OE-Core rev: 22d8ac9884208b8f9b2a69ec6a257c62e1f2f8d2)
Signed-off-by: Praveen Kumar <praveen.kumar@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
The go command may execute unexpected commands when operating in untrusted VCS repositories.
This occurs when possibly dangerous VCS configuration is present in repositories.
This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata
for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line,
i.e. via "go get", are not affected.
(From OE-Core rev: efdc4920571677c9051d4402eaa801672eeb24e3)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
NVD ([1]) tracks this as:
cpe:2.3🅰️golang:go:*:*:*:*:*:*:*:*
Running on/with
cpe:2.3⭕microsoft:windows:-:*:*:*:*:*:*:*
Yocto cve-check ignores the "Running on/with", so it needs to be ignored
explicitly.
[1] https://nvd.nist.gov/vuln/detail/CVE-2024-3566
(From OE-Core rev: b8841097eaf7545abf56eb52a122e113b54ba2a7)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Matching of hosts against proxy patterns can improperly treat an IPv6 zone ID
as a hostname component. For example, when the NO_PROXY environment variable
is set to "*.example.com", a request to "[::1%25.example.com]:80` will incorrectly
match and not be proxied.
(From OE-Core rev: 88e79f915137edc5a37a110abdc79f5800404e45)
Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Upgrade to latest 1.22.x release [1]:
$ git --no-pager log --oneline go1.22.5..go1.22.6
cb4eee693c (tag: go1.22.6, origin/release-branch.go1.22) [release-branch.go1.22] go1.22.6
8c8adffd53 [release-branch.go1.22] cmd/compile: add 0-sized-value simplification to copyelim
70a1aae67f [release-branch.go1.22] cmd/trace/v2: make the -pprof actually useful
2c88c1d599 [release-branch.go1.22] cmd/trace/v2: handle the -pprof flag
4c50f9162c [release-branch.go1.22] cmd/internal/cov: close counter data files eagerly
9e148a4150 [release-branch.go1.22] internal/bytealg: extend memchr result correctly on wasm
4b27560db9 [release-branch.go1.22] go/types: fix assertion failure when range over int is not permitted
4e548f2c8e [release-branch.go1.22] cmd/link: don't let dsymutil delete our temp directory
45f9ded1df [release-branch.go1.22] cmd/compile: don't elide zero extension on top of signed values
49906f9575 [release-branch.go1.22] cmd/go: fix build config before creating actions for 'go list -cover'
ea96074191 [release-branch.go1.22] os/exec: only use cachedLookExtensions if Cmd.Path is unmodified
[1] https://github.com/golang/go/compare/go1.22.5...go1.22.6
(From OE-Core rev: bd62a437ddd8470ff5a3a3d543885908901b7bce)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit edaedfce685f13decad7608aefa36dece02665b0)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
- refresh patches with devtool
Upgrade to latest 1.22.x release [1]:
$ git --no-pager log --oneline go1.22.4..go1.22.5
8e1fdea831 (tag: go1.22.5, origin/release-branch.go1.22) [release-branch.go1.22] go1.22.5
c2d4f852ce [release-branch.go1.22] cmd/link: handle dynamic import variables on Darwin in plugin mode
3222951439 [release-branch.go1.22] net/http: send body or close connection on expect-100-continue requests
ceaf26ecce [release-branch.go1.22] cmd/compile: mark pointer to noalg type as noalg
dfe4dbf8c0 [release-branch.go1.22] os/exec: on Windows look for extensions in Run if not already done
3560cf0afb [release-branch.go1.22] runtime: always update stack bounds on cgocallback
5159a7193a [release-branch.go1.22] cmd/compile: put constants before variables in initialization order
11b861e459 [release-branch.go1.22] go/types, types2: report error for floating-point iteration variable
81fc616267 [release-branch.go1.22] crypto/tls: don't call tlsrsakex.IncNonDefault with FIPS
14f0251867 [release-branch.go1.22] cmd/cgo/internal/swig: force use of lld for LTO tests on the builders
ab60a7bc18 [release-branch.go1.22] cmd/cgo/internal/testsanitizers: make the libfuzzer tests all short
4c97e883b5 [release-branch.go1.22] cmd/link: put runtime.end in the last section of data segment
179ccb7042 [release-branch.go1.22] cmd/go: fix go list -u -m all with too new retractions dependency
fe9b3c3399 [release-branch.go1.22] net: add GODEBUG=netedns0=0 to disable sending EDNS0 header
b515c5208b [release-branch.go1.22] go/internal/gccgoimporter: recognize "any" as a builtin type
[1] https://github.com/golang/go/compare/go1.22.4...go1.22.5
(From OE-Core rev: 8786cb9cdda93545315f79927f933a261ed3cb31)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 0a1d4a42282bd9f0bdc8dd53c7865aa81d4a5821)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Bootstrap [1]
As mentioned in the Go 1.20 release notes, Go 1.22 now requires the final point release of Go 1.20 or later for bootstrap.
We expect that Go 1.24 will require the final point release of Go 1.22 or later for bootstrap.
The default recipe for bootstrap is the go-binary-native as can be seen in:
meta/conf/distro/include/tcmode-default.inc:68:PREFERRED_PROVIDER_go-native ?= "go-binary-native"
Currently if we change it to use the old go-native and compile the go1.4-bootstrap-20170531
it fails:
| Building Go cmd/dist using /build/workdir/tmp-glibc/work/x86_64-linux/go-native/1.22.3-r0/go1.4/go. (go1.4-bootstrap-20170531 linux/amd64)
| can't load package: package ./cmd/dist: found packages build.go (main) and notgo120.go (building_Go_requires_Go_1_20_6_or_later) in /build/workdir/tmp-glibc/work/x86_64-linux/go-native/1.22.3-r0/go/src/cmd/dist
This has been broken for some time but as we used go-binary-native by default it went unnoticed.
[1] https://go.dev/doc/go1.22#bootstrap
(From OE-Core rev: f350f5b6302fc226e477d5283e4a9722a11d4170)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 876d344d2ec3d6ce283d01974146392d76685824)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
This will make possible to restore the default dynamic linking globally
which is what we had before the 1.20.X release.
(From OE-Core rev: 941c8535eaaca5790c9bc2b3d21d8ce402dbb431)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6ad90fc2fc49c4199a59dfb1c1d81a7ba184a522)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
drop the old version no more used 0007-exec.go-do-not-write-linker-flags-into-buildids.patch
that was replaced by the 0001-exec.go-filter-out-build-specific-paths-from-linker-.patch
renamed now to 0007-exec.go-filter-out-build-specific-paths-from-linker-.patch
(From OE-Core rev: 81b35091e4561b96212a1eedf0e579a8c3aa2b7d)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade to latest 1.22.x release [1]:
$git log --oneline go1.22.0..go1.22.1
db6097f8cb (tag: go1.22.1, origin/release-branch.go1.22) [release-branch.go1.22] go1.22.1
041a47712e [release-branch.go1.22] net/textproto, mime/multipart: avoid unbounded read in MIME header
3a855208e3 [release-branch.go1.22] net/http, net/http/cookiejar: avoid subdomain matches on IPv6 zones
337b8e9cbf [release-branch.go1.22] crypto/x509: make sure pub key is non-nil before interface conversion
16830ab48a [release-branch.go1.22] net/http: add missing call to decConnsPerHost
056b0edcb8 [release-branch.go1.22] html/template: escape additional tokens in MarshalJSON errors
f73eba76a0 [release-branch.go1.22] net: work around runtime scheduler starvation on js and wasip1
5330cd225b [release-branch.go1.22] net/mail: properly handle special characters in phrase and obs-phrase
d8c4239f08 [release-branch.go1.22] cmd/go/internal/modcmd: correctly filter out main modules in verify
c33adf44ff [release-branch.go1.22] cmd/trace/v2,internal/trace: use correct frame for identifying goroutines
3b71998078 [release-branch.go1.22] go/types, types2: ensure that Alias.actual is set in NewAlias
8fe2ad6494 [release-branch.go1.22] runtime/internal/atomic: correct GOARM=7 guard at a DMB instruction
686662f3a4 [release-branch.go1.22] cmd/compile: make jump table symbol static
6cbe522fe1 [release-branch.go1.22] cmd/compile: fail noder.LookupFunc gracefully if function generic
fb86598cd3 [release-branch.go1.22] cmd/compile: accept -lang=go1 as -lang=go1.0
6fbd01a711 [release-branch.go1.22] runtime: don't call traceReadCPU on the system stack
d6a271939f [release-branch.go1.22] cmd/cgo/internal/testsanitizers: disable location checking for clang
20107e05a6 [release-branch.go1.22] internal/testenv: support the LUCI mobile builders in tests
53d1b73dff [release-branch.go1.22] internal/testenv: allow "-noopt" anywhere in builder name in test
dd31ad7e9f [release-branch.go1.22] spec: fix typo in year (it's 2024 now)
[1] https://github.com/golang/go/compare/go1.22.0...go1.22.1
(From OE-Core rev: 423f875e10707b583f34dde625301c702c49e9d9)
Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
patch 0007-exec.go-do-not-write-linker-flags-into-buildids.patch
removes linker flags from buildids for not breaking reproducibility,
but it seems that this will make go not rebuild when linker flag
changes, Refer [1]. So remove this oe-specific patch, and change to
filter out build specific path from the linker flags
[1] https://github.com/golang/go/issues/63760
(From OE-Core rev: 6873c6cb000b24c1badd0fb8b5cd2d0a31a63096)
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
In 1.22 this appears to cause failures and no longer appears to be needed.
(From OE-Core rev: 6fe1a4336adbee546085fa76ed9448f82736a590)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The current patch formatting is a mix of two styles which is hard to read.
Tweak it further to make changes easier to identify since we're already
breaking formatting rules.
(From OE-Core rev: ab443dc1238e6c5a542d29ce9d2ba121b81ef365)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade to latest 1.21.x release [1]:
$ git --no-pager log --oneline go1.21.0..go1.21.5
6018ad99a4 (tag: go1.21.5) [release-branch.go1.21] go1.21.5
ec8c526e4b [release-branch.go1.21] net/http: limit chunked data overhead
f7a79cb5fc [release-branch.go1.21] cmd/compile: fix findIndVar so it does not match disjointed loop headers
3684d19c20 [release-branch.go1.21] runtime: call enableMetadataHugePages and its callees on the systemstack
9e43850a32 [release-branch.go1.21] crypto/rand,runtime: switch RtlGenRandom for ProcessPrng
8caf4bb3e7 [release-branch.go1.21] path/filepath: consider \\?\c: as a volume on Windows
23c943e529 [release-branch.go1.21] cmd/go/internal/vcs: error out if the requested repo does not support a secure protocol
4952f41180 [release-branch.go1.21] cmd/go: allow 'go mod download' to switch toolchains if called with explicit arguments
f26fa05522 [release-branch.go1.21] os: report IO_REPARSE_TAG_DEDUP files as regular in Stat and Lstat
8ae493b5b8 [release-branch.go1.21] internal/poll: add SPLICE_F_NONBLOCK flag for splice to avoid inconsistency with O_NONBLOCK
b9f245b8d3 [release-branch.go1.21] cmd/compile: ensure pointer arithmetic happens after the nil check
caacf3a09a [release-branch.go1.21] cmd/compile: handle constant pointer offsets in dead store elimination
1e91861f67 [release-branch.go1.21] syscall: copy rlimit.go's build constraint to rlimit_test.go
ed817f1c40 (tag: go1.21.4) [release-branch.go1.21] go1.21.4
9e933c189c [release-branch.go1.21] path/filepath: fix various issues in parsing Windows paths
434af8537e [release-branch.go1.21] net/http: pull http2 underflow fix from x/net/http2
7b04d81cbc [release-branch.go1.21] runtime/cgo: avoid taking the address of crosscall2 in code
f9a31cda3c [release-branch.go1.21] cmd/compile/internal/typecheck: fix closure field naming
64b6c48107 [release-branch.go1.21] go/types, types2: don't use generics
ef6993f327 [release-branch.go1.21] runtime: don't eagerly collapse hugepages
bae01521f3 [release-branch.go1.21] go/types, types2: don't implicitly modify an argument function's type
236c07c049 [release-branch.go1.21] cmd/link: split text sections for arm 32-bit
9465990e0e [release-branch.go1.21] all: tidy dependency versioning after release
883f062fc0 (tag: go1.21.3) [release-branch.go1.21] go1.21.3
24ae2d9272 [release-branch.go1.21] net/http: regenerate h2_bundle.go
26b5783b72 (tag: go1.21.2) [release-branch.go1.21] go1.21.2
2ddfc04d12 [release-branch.go1.21] cmd/compile: use absolute file name in isCgo check
a15ef1bb0f [release-branch.go1.21] cmd/compile: absorb InvertFlags into Noov comparisons
41d71a5afa [release-branch.go1.21] cmd/compile: reset memcombine correctly between basic blocks
0b6b0a275a [release-branch.go1.21] runtime: always lock OS thread in debugcall
cd671a1180 [release-branch.go1.21] runtime: increase g0 stack size in non-cgo case
fc57cc31a0 [release-branch.go1.21] cmd/link: suppress -bind_at_load deprecation warning for ld-prime
9bec49cf52 [release-branch.go1.21] cmd/link: disable DWARF by default in c-shared mode on darwin
3ef4f939c3 [release-branch.go1.21] cmd/link: force old Apple linker in plugin mode
556e9c36ba [release-branch.go1.21] cmd/link: avoid deadcode of global map vars for programs using plugins
b64dc5f499 [release-branch.go1.21] cmd/go: in TestScript/gotoolchain_path, remove the user's PATH
cd66ca0636 [release-branch.go1.21] runtime/metrics: fix /gc/scan/* metrics
d7a0626806 [release-branch.go1.21] runtime: ignore SPWrite on innermost traceback frame
2c1e5b05fe (tag: go1.21.1) [release-branch.go1.21] go1.21.1
bbd043ff0d [release-branch.go1.21] html/template: properly handle special tags within the script context
b0e1d3ea26 [release-branch.go1.21] html/template: support HTML-like comments in script contexts
d25a935574 [release-branch.go1.21] cmd/go: reject toolchain directives containing path separators
e3ba569c78 [release-branch.go1.21] net/http: revert "support streaming POST content in wasm"
8dc6ad1c61 [release-branch.go1.21] runtime: restore caller's frame pointer when recovering from panic
06df3292a8 [release-branch.go1.21] runtime: avoid MADV_HUGEPAGE for heap memory
b120517ffd [release-branch.go1.21] go/types, types2: remove order dependency in inference involving channels
0a9582163c [release-branch.go1.21] cmd/go: retry ETXTBSY errors when running test binaries
91a4e74b98 [release-branch.go1.21] crypto/tls: QUIC: fix panics when processing post-handshake messages
6385a6fb18 [release-branch.go1.21] cmd/go: find GOROOT using os.Executable when installed to GOROOT/bin/GOOS_GOARCH
2d07bb86f0 [release-branch.go1.21] encoding/xml: overriding by empty namespace when no new name declaration
745b81b6e6 [release-branch.go1.21] encoding/gob: prevent panic from index out of range in Decoder.typeString
13339c75b8 [release-branch.go1.21] runtime: fix maps.Clone bug when cloning a map mid-grow
2977709875 [release-branch.go1.21] context: fix synchronization in ExampleAfterFunc_cond
2d4746f37b [release-branch.go1.21] go/types, types2: disable interface inference for versions before Go 1.21
2b8026f025 [release-branch.go1.21] cmd/compile: in expandCalls, move all arg marshalling into call block
7c97cc7d97 [release-branch.go1.21] Revert "os: use handle based APIs to read directories on windows"
cb6ea94996 [release-branch.go1.21] Revert "cmd/compile: omit redundant sign/unsign extension on arm64"
45b98bfb79 [release-branch.go1.21] path/filepath: don't drop .. elements when cleaning invalid Windows paths
bac083a584 [release-branch.go1.21] cmd/link: don't mangle string symbol names
70aa116c4a [release-branch.go1.21] runtime/internal/wasitest: skip racy TCP echo test
31c5a236bc [release-branch.go1.21] runtime: mark traceEnabled and traceShuttingDown as no:split
25ec110e51 [release-branch.go1.21] cmd/compile: ensure empty blocks in write barriers are marked unpreemptible
6634ce2f41 [release-branch.go1.21] runtime: profiling on Darwin cannot use blocking reads
25c6dce188 [release-branch.go1.21] cmd/compile: make backingArrayPtrLen to return typecheck-ed nodes
4e34f2e81d [release-branch.go1.21] go/types, types2: don't panic during interface completion
d91843ff67 [release-branch.go1.21] go/types, types2: use correct parameter list when checking argument passing
7437db1085 [release-branch.go1.21] go/types, types2: use exact unification when comparing interface methods
ed527ecfb2 [release-branch.go1.21] cmd/api: rename api.go to main_test.go
b78e8cc145 [release-branch.go1.21] crypto/tls: add GODEBUG to control max RSA key size
3475e6af4c [release-branch.go1.21] cmd/go: fix missing case checking for empty slice
179821c9e1 [release-branch.go1.21] net/http: permit requests with invalid Host headers
9398951479 [release-branch.go1.21] cmd/distpack: include directory entries in tar files
75d8be5fb4 [release-branch.go1.21] cmd/go/internal/web: release the net token when an HTTP request fails due to CheckRedirect
1755d14559 [release-branch.go1.21] cmd/compile: fix missing init nodes for len(string([]byte)) optimization
[1] https://github.com/golang/go/compare/go1.21.0...go1.21.5
(From OE-Core rev: 0e0a939b0fa124618b963e9af7a11cea3748ef82)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
It's more hard to read but easy to rebase, no functional changes
(From OE-Core rev: 5065025a66f96140ca895a140067fbde82879941)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade to latest 1.20.x release [1]:
$ git log --oneline go1.20.11..go1.20.12
97c8ff8d53 (tag: go1.20.12, origin/release-branch.go1.20) [release-branch.go1.20] go1.20.12
6446af942e [release-branch.go1.20] net/http: limit chunked data overhead
77397ffcb2 [release-branch.go1.20] crypto/rand,runtime: revert "switch RtlGenRandom for ProcessPrng"
d77307f855 [release-branch.go1.20] cmd/compile: fix findIndVar so it does not match disjointed loop headers
1bd76576fe [release-branch.go1.20] crypto/rand,runtime: switch RtlGenRandom for ProcessPrng
1b59b017db [release-branch.go1.20] path/filepath: consider \\?\c: as a volume on Windows
46bc33819a [release-branch.go1.20] cmd/go/internal/vcs: error out if the requested repo does not support a secure protocol
e1dc209be8 [release-branch.go1.20] cmd/go/internal/modfetch/codehost: set core.longpaths in Git repos on Windows
[1] https://github.com/golang/go/compare/go1.20.11...go1.20.12
(From OE-Core rev: 8515842b5c503b9a8840675d9cbcfe147d25c1d4)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade to latest 1.20.x release [1]:
$ git log --oneline go1.20.8..go1.20.9
68f9a6e2ad (tag: go1.20.9) [release-branch.go1.20] go1.20.9
31d5b604ac [release-branch.go1.20] cmd/compile: use absolute file name in isCgo check
83dce45959 [release-branch.go1.20] cmd/link: suppress -bind_at_load deprecation warning for ld-prime
08c544db98 [release-branch.go1.20] cmd/link: disable DWARF by default in c-shared mode on darwin
071f03a8e5 [release-branch.go1.20] cmd/link: force old Apple linker in plugin mode
[1] https://github.com/golang/go/compare/go1.20.8...go1.20.9
(From OE-Core rev: 7962b93a53f928cd618016fa600ccefb2d57c28d)
Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
