buildx/hack
Sebastiaan van Stijn dd350284df
update to go1.20.7
Includes a fix for CVE-2023-29409

go1.20.7 (released 2023-08-01) includes a security fix to the crypto/tls
package, as well as bug fixes to the assembler and the compiler. See the
Go 1.20.7 milestone on our issue tracker for details:

- https://github.com/golang/go/issues?q=milestone%3AGo1.20.7+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.20.6...go1.20.7

From the mailing list announcement:

[security] Go 1.20.7 and Go 1.19.12 are released

Hello gophers,

We have just released Go versions 1.20.7 and 1.19.12, minor point releases.

These minor releases include 1 security fix following the security policy:

- crypto/tls: restrict RSA keys in certificates to <= 8192 bits

  Extremely large RSA keys in certificate chains can cause a client/server
  to expend significant CPU time verifying signatures. Limit this by
  restricting the size of RSA keys transmitted during handshakes to <=
  8192 bits.

  Based on a survey of publicly trusted RSA keys, there are currently only
  three certificates in circulation with keys larger than this, and all
  three appear to be test certificates that are not actively deployed. It
  is possible there are larger keys in use in private PKIs, but we target
  the web PKI, so causing breakage here in the interests of increasing the
  default safety of users of crypto/tls seems reasonable.

  Thanks to Mateusz Poliwczak for reporting this issue.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.20.7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
1 year ago
demo-env Bake workflow 3 years ago
dockerfiles update to go1.20.7 1 year ago
build build: add GO_EXTRA_FLAGS argument 2 years ago
git-meta hack: mutualize build opts in Makefile and Dockerfile 2 years ago
hash-files hack: improve hash-files script 2 years ago
release ci: generate provenance and sbom for release binaries 2 years ago
shell hack: lint scripts 2 years ago
test test: opt to avoid building the integration tests image 2 years ago
test-driver k8s: generate node name if not provided 2 years ago
update-docs hack: lint scripts 2 years ago
update-vendor hack: lint scripts 2 years ago