This update for go1.22-openssl fixes the following issues: This update ships go1.22-openssl 1.22.7.1 (jsc#SLE-18320) Update to version 1.22.7.1 cut from the go1.22-fips-release branch at the revision tagged go1.22.7-1-openssl-fips. Update to Go 1.22.7 (#229) go1.22.7 (released 2024-09-05) includes security fixes to the encoding/gob, go/build/constraint, and go/parser packages, as well as bug fixes to the fix command and the runtime. CVE-2024-34155 CVE-2024-34156 CVE-2024-34158: – go#69142 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions (CVE-2024-34155) – go#69144 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode (CVE-2024-34156) – go#69148 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse (CVE-2024-34158) – go#68811 os: TestChtimes failures – go#68825 cmd/fix: fails to run on modules whose go directive value is in '1.n.m' format introduced in Go 1.21.0 – go#68972 cmd/cgo: aix c-archive corrupting stack go1.22.6 (released 2024-08-06) includes fixes to the go command, the compiler, the linker, the trace command, the covdata command, and the bytes, go/types, and os/exec packages. go#68594 cmd/compile: internal compiler error with zero-size types go#68546 cmd/trace/v2: pprof profiles always empty go#68492 cmd/covdata: too many open files due to defer f.Close() in for loop go#68475 bytes:…Read More
