<feed xmlns='http://www.w3.org/2005/Atom'>
<title>linux/poky.git/meta/recipes-devtools/go, branch mickledore-4.2.2</title>
<subtitle>Mirror of git.yoctoproject.org/poky</subtitle>
<id>https://git.enea.com/cgit/linux/poky.git/atom?h=mickledore-4.2.2</id>
<link rel='self' href='https://git.enea.com/cgit/linux/poky.git/atom?h=mickledore-4.2.2'/>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/'/>
<updated>2023-06-30T14:07:59+00:00</updated>
<entry>
<title>go: Upgrade 1.20.4 -&gt; 1.20.5</title>
<updated>2023-06-30T14:07:59+00:00</updated>
<author>
<name>Sakib Sajal</name>
<email>sakib.sajal@windriver.com</email>
</author>
<published>2023-06-24T16:47:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=24723a49049920c78303723f0039754734c03e31'/>
<id>urn:sha1:24723a49049920c78303723f0039754734c03e31</id>
<content type='text'>
Upgrade to latest 1.20.x release:
go.git$ git log --oneline go1.20.4..go1.20.5
e827d41c0a (tag: go1.20.5) [release-branch.go1.20] go1.20.5
c0ed873cd8 [release-branch.go1.20] cmd/go: disallow package directories containing newlines
356a419e2f [release-branch.go1.20] cmd/go: enforce flags with non-optional arguments
fa60c381ed [release-branch.go1.20] cmd/go,cmd/cgo: in _cgo_flags use one line per flag
36144ba429 [release-branch.go1.20] runtime: implement SUID/SGID protections
5036ba77eb [release-branch.go1.20] net: skip TestFileFdBlocks if the "unix" network is not supported
b249ec5655 [release-branch.go1.20] cmd/go/internal: update documentation of go test and go generate
4b95fc1e6c [release-branch.go1.20] cmd/go: save checksums for go.mod files needed for go version lines
31a1e19a59 [release-branch.go1.20] net, os: net.Conn.File.Fd should return a blocking descriptor
450c8021a5 [release-branch.go1.20] runtime: change fcntl to return two values
22741120ee [release-branch.go1.20] runtime: consistently define fcntl
9270e3be8f [release-branch.go1.20] os: if descriptor is non-blocking, retain that in Fd method
600636e931 [release-branch.go1.20] crypto/rsa: use BoringCrypto for 4096 bit keys
afbe101950 [release-branch.go1.20] cmd/compile: fix bswap/load rewrite rules

(From OE-Core rev: 1234971eea7b07e89efaf20055ba9580fbe2cb08)

Signed-off-by: Sakib Sajal &lt;sakib.sajal@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit 3ea1e9e9d7385c78bdd513e44cea5c36444529b2)
Signed-off-by: Sakib Sajal &lt;sakib.sajal@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>go: Use -no-pie to build target cgo</title>
<updated>2023-06-14T14:14:25+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2023-06-02T09:37:10+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=0afb60e4fd1d93578362c3066d999b162feea79e'/>
<id>urn:sha1:0afb60e4fd1d93578362c3066d999b162feea79e</id>
<content type='text'>
Fixes
go: ELF binary /usr/lib/go/pkg/tool/linux_arm64/pprof has relocations in .text
go: ELF binary /usr/lib/go/bin/go has relocations in .text [textrel]

(From OE-Core rev: 0e9f47eddf786972b409088629d0f62c6bc74448)

Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit a27d39aebd5966ffffb57c20518381cb06ba8373)
Signed-off-by: Sakib Sajal &lt;sakib.sajal@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>go: Upgrade 1.20.1 -&gt; 1.20.4</title>
<updated>2023-06-14T14:14:25+00:00</updated>
<author>
<name>Khem Raj</name>
<email>raj.khem@gmail.com</email>
</author>
<published>2023-06-02T09:37:09+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=90019dfd3e67e52f24d523b672a795ca85164e0d'/>
<id>urn:sha1:90019dfd3e67e52f24d523b672a795ca85164e0d</id>
<content type='text'>
- Remove already upstreamed patches

- Brings a list of changes [1] [2] [3]

[1] https://github.com/golang/go/issues?q=milestone%3AGo1.20.2+label%3ACherryPickApproved
[2] https://github.com/golang/go/issues?q=milestone%3AGo1.20.3+label%3ACherryPickApproved
[3] https://github.com/golang/go/issues?q=milestone%3AGo1.20.4+label%3ACherryPickApproved

(From OE-Core rev: 5847869334dd6687441708e26d1c0ab0a648e7f5)

Signed-off-by: Khem Raj &lt;raj.khem@gmail.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
(cherry picked from commit e043bfb42156c59c93c6a4816528a63cfdaccc3e)
Signed-off-by: Sakib Sajal &lt;sakib.sajal@windriver.com&gt;
Signed-off-by: Steve Sakoman &lt;steve@sakoman.com&gt;
</content>
</entry>
<entry>
<title>go: backport fix for CVE-2023-24537</title>
<updated>2023-04-22T10:05:21+00:00</updated>
<author>
<name>Ross Burton</name>
<email>ross.burton@arm.com</email>
</author>
<published>2023-04-20T12:54:05+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=60012ae54a147c555609c6d4cf452708c525e306'/>
<id>urn:sha1:60012ae54a147c555609c6d4cf452708c525e306</id>
<content type='text'>
(From OE-Core rev: 6b5a3cc1c8c5c6591fb02612869e6725c010ca13)

Signed-off-by: Ross Burton &lt;ross.burton@arm.com&gt;
Signed-off-by: Luca Ceresoli &lt;luca.ceresoli@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>go: fix CVE-2023-2453</title>
<updated>2023-03-28T21:28:45+00:00</updated>
<author>
<name>Ross Burton</name>
<email>ross.burton@arm.com</email>
</author>
<published>2023-03-27T12:03:35+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=985f1b883fe78af47f0956d9c7b5d5780e1baf0e'/>
<id>urn:sha1:985f1b883fe78af47f0956d9c7b5d5780e1baf0e</id>
<content type='text'>
Backport a security fix, can be removed once we have 1.20.2 onwards.

(From OE-Core rev: 06df8350c3bc6f56013a0bff20b64cfdbb81cfca)

Signed-off-by: Ross Burton &lt;ross.burton@arm.com&gt;
Signed-off-by: Alexandre Belloni &lt;alexandre.belloni@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>go: fix some linkshared regression introduced in go 1.20</title>
<updated>2023-03-23T22:36:46+00:00</updated>
<author>
<name>Jose Quaresma</name>
<email>quaresma.jose@gmail.com</email>
</author>
<published>2023-03-22T11:19:19+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=d5c79ca6a77af1a04992fff4300333e02d94d84d'/>
<id>urn:sha1:d5c79ca6a77af1a04992fff4300333e02d94d84d</id>
<content type='text'>
Since go 1.20 some packages fails to link [1][2]
and only build staticaly with GO_LINKSHARED = ""

[1] https://lists.yoctoproject.org/g/meta-virtualization/topic/97182310
[2] https://github.com/golang/go/issues/58966

(From OE-Core rev: eb40d6c2ef72814336365208722e2dc96322e07d)

Signed-off-by: Jose Quaresma &lt;jose.quaresma@foundries.io&gt;
Signed-off-by: Alexandre Belloni &lt;alexandre.belloni@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>go: use go as CVE product for all golang recipe veriants</title>
<updated>2023-03-14T17:10:00+00:00</updated>
<author>
<name>Peter Marko</name>
<email>peter.marko@siemens.com</email>
</author>
<published>2023-03-12T08:45:43+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=3a861f2204e18ddf4a9a4add06b84f7b6f36f73a'/>
<id>urn:sha1:3a861f2204e18ddf4a9a4add06b84f7b6f36f73a</id>
<content type='text'>
All golang vulnerabilities are reported under product 'go'.

By default there is no vulnerability reported for images with
golang components because none of used golang packages
have correct CVE product set:
* go-binary-native
* go-runtime
* go-cross-*

(From OE-Core rev: 09f3a27a809bbec9b08c4e4a2b846b68f386c35c)

Signed-off-by: Peter Marko &lt;peter.marko@siemens.com&gt;
Signed-off-by: Alexandre Belloni &lt;alexandre.belloni@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>go: update 1.20 -&gt; 1.20.1</title>
<updated>2023-02-20T15:18:30+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2023-02-19T19:30:28+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=088a0ab9c57c5d7c3efda03d62c9784745b64e00'/>
<id>urn:sha1:088a0ab9c57c5d7c3efda03d62c9784745b64e00</id>
<content type='text'>
(From OE-Core rev: 257d508268719bd90ed81b61a04b756ba78ec1bd)

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Alexandre Belloni &lt;alexandre.belloni@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>go-cross-canadian: use gcc-crosssdk, not gcc-native</title>
<updated>2023-02-15T10:21:34+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2023-02-10T06:42:13+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=34157b4b1aa40fbf2a70238a553e54f6bd157ace'/>
<id>urn:sha1:34157b4b1aa40fbf2a70238a553e54f6bd157ace</id>
<content type='text'>
The recipe was building native go against build host headers and libraries,
and then installing it as a nativesdk item, which is entirely incorrect. This has
been working by coincidence (go generally uses C and C libraries lightly)
but with go 1.20 this turned into hard breakage.

Also nativesdk sysroot was being passed in incorrectly.

(From OE-Core rev: 9212704a0e6ba79c3a3c4d85fc132e0ab6de1747)

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Luca Ceresoli &lt;luca.ceresoli@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
<entry>
<title>go: update 1.19.4 -&gt; 1.20</title>
<updated>2023-02-15T10:21:34+00:00</updated>
<author>
<name>Alexander Kanavin</name>
<email>alex.kanavin@gmail.com</email>
</author>
<published>2023-02-10T06:42:12+00:00</published>
<link rel='alternate' type='text/html' href='https://git.enea.com/cgit/linux/poky.git/commit/?id=19b53dc47f2b8aaf8ef171213876db2095eb6211'/>
<id>urn:sha1:19b53dc47f2b8aaf8ef171213876db2095eb6211</id>
<content type='text'>
No longer package go-runtime-staticdev into sdk packagegroup,
as go-runtime 1.20 doesn't build the static bits anymore
(possibly can be enabled via build config, if proven necessary).

(From OE-Core rev: e8ab9d303a6fca3806097f1fd360efe8f8ae0c1d)

Signed-off-by: Alexander Kanavin &lt;alex@linutronix.de&gt;
Signed-off-by: Luca Ceresoli &lt;luca.ceresoli@bootlin.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
</content>
</entry>
</feed>
