diff --git a/0058-release-branch.go1.21-html-template-escape-additiona.patch b/0058-release-branch.go1.21-html-template-escape-additiona.patch
index 60466401071523a514f85020c98ccd983ac1738d..56f0eb9e57f1750095330de1347435941fe2eb79 100644
--- a/0058-release-branch.go1.21-html-template-escape-additiona.patch
+++ b/0058-release-branch.go1.21-html-template-escape-additiona.patch
@@ -1,13 +1,22 @@
-From d4653b9d8b610a6aaad084a4bffd6eccea993f6f Mon Sep 17 00:00:00 2001
+From d0be7ed96a58e63f8d06efd6957de548ec531234 Mon Sep 17 00:00:00 2001
From: Roland Shoemaker
-Date: Wed, 14 Feb 2024 17:18:36 -0800
-Subject: [PATCH 2/4] [release-branch.go1.21] html/template: escape additional
- tokens in MarshalJSON errors
+Date: Thu, 15 Feb 2024 09:18:36 +0800
+Subject: [PATCH 3/3] [Backport] html/template: escape additional tokens in
+ MarshalJSON errors
+
+Offering: Cloud Core Network
+CVE: CVE-2024-24785
+Reference: https://go-review.googlesource.com/c/go/+/567515
Escape "
(cherry picked from commit ccbc725f2d678255df1bd326fa511a492aa3a0aa)
Reviewed-on: https://go-review.googlesource.com/c/go/+/567515
Reviewed-by: Carlos Amedee
+Signed-off-by: Ma Chang Wang machangwang@huawei.com
+
+Conflict:no
+Reference:https://go-review.googlesource.com/c/go/+/567515
---
src/html/template/js.go | 22 ++++++++-
src/html/template/js_test.go | 96 ++++++++++++++++++++----------------
2 files changed, 74 insertions(+), 44 deletions(-)
diff --git a/src/html/template/js.go b/src/html/template/js.go
-index 35994f076eb..4d3b25d088c 100644
+index 35994f076e..4d3b25d088 100644
--- a/src/html/template/js.go
+++ b/src/html/template/js.go
@@ -171,13 +171,31 @@ func jsValEscaper(args ...interface{}) string {
@@ -62,7 +75,7 @@ index 35994f076eb..4d3b25d088c 100644
// TODO: maybe post-process output to prevent it from containing
diff --git a/src/html/template/js_test.go b/src/html/template/js_test.go
-index de9ef284106..0ad7b49d646 100644
+index de9ef28410..26d6dcd92c 100644
--- a/src/html/template/js_test.go
+++ b/src/html/template/js_test.go
@@ -6,6 +6,7 @@ package template
@@ -87,7 +100,7 @@ index de9ef284106..0ad7b49d646 100644
tests := []struct {
- x interface{}
- js string
-+ x any
++ x interface{}
+ js string
+ skipNest bool
}{
@@ -165,8 +178,8 @@ index de9ef284106..0ad7b49d646 100644
- {nil, " null "},
+ {"\t\x0b", `"\t\u000b"`, false},
+ {struct{ X, Y int }{1, 2}, `{"X":1,"Y":2}`, false},
-+ {[]any{}, "[]", false},
-+ {[]any{42, "foo", nil}, `[42,"foo",null]`, false},
++ {[]interface{}{}, "[]", false},
++ {[]interface{}{42, "foo", nil}, `[42,"foo",null]`, false},
+ {[]string{""}, `["\u003c!--","\u003c/script\u003e","--\u003e"]`, false},
+ {"", `"--\u003e"`, false},
diff --git a/0060-release-branch.go1.21-net-http-net-http-cookiejar-av.patch b/0060-release-branch.go1.21-net-http-net-http-cookiejar-av.patch
index f0daa63cc8d565dc571d778596e8c883197a6a45..08720c45b2fbd59b6617102764179d7c10c1cc6d 100644
--- a/0060-release-branch.go1.21-net-http-net-http-cookiejar-av.patch
+++ b/0060-release-branch.go1.21-net-http-net-http-cookiejar-av.patch
@@ -1,8 +1,12 @@
-From 3d8f3225528f917733569e0ea168581fe8bc1bcc Mon Sep 17 00:00:00 2001
-From: Damien Neil
-Date: Thu, 11 Jan 2024 11:31:57 -0800
-Subject: [PATCH 4/4] [release-branch.go1.21] net/http, net/http/cookiejar:
- avoid subdomain matches on IPv6 zones
+From d4cc4b6c57ee6749d9c813f83982218d78626ad5 Mon Sep 17 00:00:00 2001
+From: Gustavo Falco
+Date: Sun, 11 Dec 2022 02:39:20 +0000
+Subject: [PATCH 1/3] [Backport] net/http, net/http/cookiejar: avoid subdomain
+ matches on IPv6 zones
+
+Offering: Cloud Core Network
+CVE: CVE-2023-45289
+Reference: https://go-review.googlesource.com/c/go/+/569340
When deciding whether to forward cookies or sensitive headers
across a redirect, do not attempt to interpret an IPv6 address
@@ -16,31 +20,74 @@ of "www.example.com".
Thanks to Juho Nurminen of Mattermost for reporting this issue.
+Note: The upstream does not submit this change to go1.17 according to the rules of MinorReleases.
+Corego3.x are based on go1.17.8. Therefore, it need to submit the change to corego3.x.
+
+Edited-by: zhaoshengwei z00581105
+
Fixes CVE-2023-45289
-Fixes #65385
-For #65065
+Fixes #65065
Change-Id: I8f463f59f0e700c8a18733d2b264a8bcb3a19599
Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2131938
Reviewed-by: Tatiana Bradley
Reviewed-by: Roland Shoemaker
-Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/2173775
-Reviewed-by: Carlos Amedee
-Reviewed-on: https://go-review.googlesource.com/c/go/+/569239
+Reviewed-on: https://go-review.googlesource.com/c/go/+/569340
+Reviewed-by: Damien Neil
+LUCI-TryBot-Result: Go LUCI
Reviewed-by: Carlos Amedee
Auto-Submit: Michael Knyszek
-TryBot-Bypass: Michael Knyszek
+Signed-off-by: Zhao Sheng Wei zhaoshengwei@huawei.com
+
+[Backport] net/http: keep sensitive headers on redirects to the same host
+
+Offering: Cloud Core Network
+Reference: https://go-review.googlesource.com/c/go/+/424935
+
+Preserve sensitive headers on a redirect to a different port of the same host.
+
+Note: The upstream does not submit this change to go1.17 according to the rules of MinorReleases.
+Corego3.x are based on go1.17.8. Therefore, it need to submit the change to corego3.x.
+
+Edited-by: zhaoshengwei z00581105
+
+Fixes #35104
+
+Change-Id: I5ab57c414ce92a70e688ee684b9ff02fb062b3c6
+GitHub-Last-Rev: 8d53e71e2243c141d70d27a503d0f7e6dee64c3c
+GitHub-Pull-Request: golang/go#54539
+Reviewed-on: https://go-review.googlesource.com/c/go/+/424935
+TryBot-Result: Gopher Robot
+Reviewed-by: Cherry Mui
+Reviewed-by: Damien Neil
+Run-TryBot: Damien Neil
+Signed-off-by: Zhao Sheng Wei zhaoshengwei@huawei.com
+
+Conflict:no
+Reference:https://go-review.googlesource.com/c/go/+/424935;https://go-review.googlesource.com/c/go/+/569340
---
- src/net/http/client.go | 6 ++++++
- src/net/http/client_test.go | 1 +
+ src/net/http/client.go | 10 ++++++++--
+ src/net/http/client_test.go | 30 +++++++++++++++++++++++++-----
src/net/http/cookiejar/jar.go | 7 +++++++
src/net/http/cookiejar/jar_test.go | 10 ++++++++++
- 4 files changed, 24 insertions(+)
+ src/net/http/transport.go | 10 +++++++---
+ 5 files changed, 57 insertions(+), 10 deletions(-)
diff --git a/src/net/http/client.go b/src/net/http/client.go
-index 4d380c65db9..33a062aa922 100644
+index 4d380c65db..ac14071aee 100644
--- a/src/net/http/client.go
+++ b/src/net/http/client.go
+@@ -1000,8 +1000,8 @@ func shouldCopyHeaderOnRedirect(headerKey string, initial, dest *url.URL) bool {
+ // directly, we don't know their scope, so we assume
+ // it's for *.domain.com.
+
+- ihost := canonicalAddr(initial)
+- dhost := canonicalAddr(dest)
++ ihost := idnaASCIIFromURL(initial)
++ dhost := idnaASCIIFromURL(dest)
+ return isDomainOrSubdomain(dhost, ihost)
+ }
+ // All other headers are copied:
@@ -1016,6 +1016,12 @@ func isDomainOrSubdomain(sub, parent string) bool {
if sub == parent {
return true
@@ -55,19 +102,79 @@ index 4d380c65db9..33a062aa922 100644
// that means sub must end in "."+parent.
// Do it without allocating.
diff --git a/src/net/http/client_test.go b/src/net/http/client_test.go
-index 01d605c3519..ea71dd23644 100644
+index 01d605c351..6c8d8558bb 100644
--- a/src/net/http/client_test.go
+++ b/src/net/http/client_test.go
-@@ -1702,6 +1702,7 @@ func TestShouldCopyHeaderOnRedirect(t *testing.T) {
+@@ -1465,6 +1465,9 @@ func TestClientRedirectResponseWithoutRequest(t *testing.T) {
+ }
+
+ // Issue 4800: copy (some) headers when Client follows a redirect.
++// Issue 35104: Since both URLs have the same host (localhost)
++// but different ports, sensitive headers like Cookie and Authorization
++// are preserved.
+ func TestClientCopyHeadersOnRedirect(t *testing.T) {
+ const (
+ ua = "some-agent/1.2"
+@@ -1477,6 +1480,8 @@ func TestClientCopyHeadersOnRedirect(t *testing.T) {
+ "X-Foo": []string{xfoo},
+ "Referer": []string{ts2URL},
+ "Accept-Encoding": []string{"gzip"},
++ "Cookie": []string{"foo=bar"},
++ "Authorization": []string{"secretpassword"},
+ }
+ if !reflect.DeepEqual(r.Header, want) {
+ t.Errorf("Request.Header = %#v; want %#v", r.Header, want)
+@@ -1497,9 +1502,11 @@ func TestClientCopyHeadersOnRedirect(t *testing.T) {
+ c := ts1.Client()
+ c.CheckRedirect = func(r *Request, via []*Request) error {
+ want := Header{
+- "User-Agent": []string{ua},
+- "X-Foo": []string{xfoo},
+- "Referer": []string{ts2URL},
++ "User-Agent": []string{ua},
++ "X-Foo": []string{xfoo},
++ "Referer": []string{ts2URL},
++ "Cookie": []string{"foo=bar"},
++ "Authorization": []string{"secretpassword"},
+ }
+ if !reflect.DeepEqual(r.Header, want) {
+ t.Errorf("CheckRedirect Request.Header = %#v; want %#v", r.Header, want)
+@@ -1701,18 +1708,31 @@ func TestShouldCopyHeaderOnRedirect(t *testing.T) {
+ {"cookie", "http://foo.com/", "http://bar.com/", false},
{"cookie2", "http://foo.com/", "http://bar.com/", false},
{"authorization", "http://foo.com/", "http://bar.com/", false},
++ {"authorization", "http://foo.com/", "https://foo.com/", true},
++ {"authorization", "http://foo.com:1234/", "http://foo.com:4321/", true},
{"www-authenticate", "http://foo.com/", "http://bar.com/", false},
+ {"authorization", "http://foo.com/", "http://[::1%25.foo.com]/", false},
// But subdomains should work:
{"www-authenticate", "http://foo.com/", "http://foo.com/", true},
+ {"www-authenticate", "http://foo.com/", "http://sub.foo.com/", true},
+ {"www-authenticate", "http://foo.com/", "http://notfoo.com/", false},
+- {"www-authenticate", "http://foo.com/", "https://foo.com/", false},
++ {"www-authenticate", "http://foo.com/", "https://foo.com/", true},
+ {"www-authenticate", "http://foo.com:80/", "http://foo.com/", true},
+ {"www-authenticate", "http://foo.com:80/", "http://sub.foo.com/", true},
+ {"www-authenticate", "http://foo.com:443/", "https://foo.com/", true},
+ {"www-authenticate", "http://foo.com:443/", "https://sub.foo.com/", true},
+- {"www-authenticate", "http://foo.com:1234/", "http://foo.com/", false},
++ {"www-authenticate", "http://foo.com:1234/", "http://foo.com/", true},
++
++ {"authorization", "http://foo.com/", "http://foo.com/", true},
++ {"authorization", "http://foo.com/", "http://sub.foo.com/", true},
++ {"authorization", "http://foo.com/", "http://notfoo.com/", false},
++ {"authorization", "http://foo.com/", "https://foo.com/", true},
++ {"authorization", "http://foo.com:80/", "http://foo.com/", true},
++ {"authorization", "http://foo.com:80/", "http://sub.foo.com/", true},
++ {"authorization", "http://foo.com:443/", "https://foo.com/", true},
++ {"authorization", "http://foo.com:443/", "https://sub.foo.com/", true},
++ {"authorization", "http://foo.com:1234/", "http://foo.com/", true},
+ }
+ for i, tt := range tests {
+ u0, err := url.Parse(tt.initialURL)
diff --git a/src/net/http/cookiejar/jar.go b/src/net/http/cookiejar/jar.go
-index e6583da7fe6..f2cf9c2d8de 100644
+index e6583da7fe..f2cf9c2d8d 100644
--- a/src/net/http/cookiejar/jar.go
+++ b/src/net/http/cookiejar/jar.go
@@ -362,6 +362,13 @@ func jarKey(host string, psl PublicSuffixList) string {
@@ -85,7 +192,7 @@ index e6583da7fe6..f2cf9c2d8de 100644
}
diff --git a/src/net/http/cookiejar/jar_test.go b/src/net/http/cookiejar/jar_test.go
-index 47fb1abdaaf..fd8d40ed1b9 100644
+index 47fb1abdaa..fd8d40ed1b 100644
--- a/src/net/http/cookiejar/jar_test.go
+++ b/src/net/http/cookiejar/jar_test.go
@@ -251,6 +251,7 @@ var isIPTests = map[string]bool{
@@ -112,6 +219,35 @@ index 47fb1abdaaf..fd8d40ed1b9 100644
}
func TestBasics(t *testing.T) {
+diff --git a/src/net/http/transport.go b/src/net/http/transport.go
+index 309194e8e5..6cf5e65276 100644
+--- a/src/net/http/transport.go
++++ b/src/net/http/transport.go
+@@ -2719,17 +2719,21 @@ var portMap = map[string]string{
+ "socks5": "1080",
+ }
+
+-// canonicalAddr returns url.Host but always with a ":port" suffix
+-func canonicalAddr(url *url.URL) string {
++func idnaASCIIFromURL(url *url.URL) string {
+ addr := url.Hostname()
+ if v, err := idnaASCII(addr); err == nil {
+ addr = v
+ }
++ return addr
++}
++
++// canonicalAddr returns url.Host but always with a ":port" suffix.
++func canonicalAddr(url *url.URL) string {
+ port := url.Port()
+ if port == "" {
+ port = portMap[url.Scheme]
+ }
+- return net.JoinHostPort(addr, port)
++ return net.JoinHostPort(idnaASCIIFromURL(url), port)
+ }
+
+ // bodyEOFSignal is used by the HTTP/1 transport when reading response
--
2.33.0
diff --git a/0061-Backport-net-mail-properly-handle-special-characters.patch b/0061-Backport-net-mail-properly-handle-special-characters.patch
new file mode 100644
index 0000000000000000000000000000000000000000..eb663e7d7e59d6760ba3f3bcb26f6c195aa9b151
--- /dev/null
+++ b/0061-Backport-net-mail-properly-handle-special-characters.patch
@@ -0,0 +1,214 @@
+From b1a3bda40d0e6862fa93b00a1be47214b5478ca3 Mon Sep 17 00:00:00 2001
+From: Roland Shoemaker
+Date: Wed, 10 Jan 2024 11:02:14 -0800
+Subject: [PATCH] [Backport] net/mail: properly handle special characters in
+ phrase and obs-phrase
+
+Offering: Cloud Core Network
+CVE: CVE-2024-24784
+Reference: https://go-review.googlesource.com/c/go/+/566195
+
+Fixes a couple of misalignments with RFC 5322 which introduce
+significant diffs between (mostly) conformant parsers.
+
+This change reverts the changes made in CL50911, which allowed certain
+special RFC 5322 characters to appear unquoted in the "phrase" syntax.
+It is unclear why this change was made in the first place, and created
+a divergence from comformant parsers. In particular this resulted in
+treating comments in display names incorrectly.
+
+Additionally properly handle trailing malformed comments in the group
+syntax.
+
+Note: The upstream does not submit this change to go1.17 according to the rules of MinorReleases.
+Corego3.x are based on go1.17.8. Therefore, it need to submit the change to corego3.x.
+
+Edited-by: machangwang m00509938
+
+For #65083
+Fixes #65848
+
+Change-Id: I00dddc044c6ae3381154e43236632604c390f672
+Reviewed-on: https://go-review.googlesource.com/c/go/+/555596
+Reviewed-by: Damien Neil
+LUCI-TryBot-Result: Go LUCI
+Reviewed-on: https://go-review.googlesource.com/c/go/+/566195
+Reviewed-by: Carlos Amedee
+Signed-off-by: Ma Chang Wang machangwang@huawei.com
+---
+ src/net/mail/message.go | 30 +++++++++++++++------------
+ src/net/mail/message_test.go | 40 ++++++++++++++++++++++++++----------
+ 2 files changed, 46 insertions(+), 24 deletions(-)
+
+diff --git a/src/net/mail/message.go b/src/net/mail/message.go
+index 47bbf6ca97..84f48f0cba 100644
+--- a/src/net/mail/message.go
++++ b/src/net/mail/message.go
+@@ -231,7 +231,7 @@ func (a *Address) String() string {
+ // Add quotes if needed
+ quoteLocal := false
+ for i, r := range local {
+- if isAtext(r, false, false) {
++ if isAtext(r, false) {
+ continue
+ }
+ if r == '.' {
+@@ -395,7 +395,7 @@ func (p *addrParser) parseAddress(handleGroup bool) ([]*Address, error) {
+ if !p.consume('<') {
+ atext := true
+ for _, r := range displayName {
+- if !isAtext(r, true, false) {
++ if !isAtext(r, true) {
+ atext = false
+ break
+ }
+@@ -430,7 +430,9 @@ func (p *addrParser) consumeGroupList() ([]*Address, error) {
+ // handle empty group.
+ p.skipSpace()
+ if p.consume(';') {
+- p.skipCFWS()
++ if !p.skipCFWS() {
++ return nil, errors.New("mail: misformatted parenthetical comment")
++ }
+ return group, nil
+ }
+
+@@ -447,7 +449,9 @@ func (p *addrParser) consumeGroupList() ([]*Address, error) {
+ return nil, errors.New("mail: misformatted parenthetical comment")
+ }
+ if p.consume(';') {
+- p.skipCFWS()
++ if !p.skipCFWS() {
++ return nil, errors.New("mail: misformatted parenthetical comment")
++ }
+ break
+ }
+ if !p.consume(',') {
+@@ -517,6 +521,12 @@ func (p *addrParser) consumePhrase() (phrase string, err error) {
+ var words []string
+ var isPrevEncoded bool
+ for {
++ // obs-phrase allows CFWS after one word
++ if len(words) > 0 {
++ if !p.skipCFWS() {
++ return "", errors.New("mail: misformatted parenthetical comment")
++ }
++ }
+ // word = atom / quoted-string
+ var word string
+ p.skipSpace()
+@@ -612,7 +622,6 @@ Loop:
+ // If dot is true, consumeAtom parses an RFC 5322 dot-atom instead.
+ // If permissive is true, consumeAtom will not fail on:
+ // - leading/trailing/double dots in the atom (see golang.org/issue/4938)
+-// - special characters (RFC 5322 3.2.3) except '<', '>', ':' and '"' (see golang.org/issue/21018)
+ func (p *addrParser) consumeAtom(dot bool, permissive bool) (atom string, err error) {
+ i := 0
+
+@@ -623,7 +632,7 @@ Loop:
+ case size == 1 && r == utf8.RuneError:
+ return "", fmt.Errorf("mail: invalid utf-8 in address: %q", p.s)
+
+- case size == 0 || !isAtext(r, dot, permissive):
++ case size == 0 || !isAtext(r, dot):
+ break Loop
+
+ default:
+@@ -777,18 +786,13 @@ func (e charsetError) Error() string {
+
+ // isAtext reports whether r is an RFC 5322 atext character.
+ // If dot is true, period is included.
+-// If permissive is true, RFC 5322 3.2.3 specials is included,
+-// except '<', '>', ':' and '"'.
+-func isAtext(r rune, dot, permissive bool) bool {
++func isAtext(r rune, dot bool) bool {
+ switch r {
+ case '.':
+ return dot
+
+ // RFC 5322 3.2.3. specials
+- case '(', ')', '[', ']', ';', '@', '\\', ',':
+- return permissive
+-
+- case '<', '>', '"', ':':
++ case '(', ')', '<', '>', '[', ']', ':', ';', '@', '\\', ',', '"': // RFC 5322 3.2.3. specials
+ return false
+ }
+ return isVchar(r)
+diff --git a/src/net/mail/message_test.go b/src/net/mail/message_test.go
+index 80a17b2853..00bc93e074 100644
+--- a/src/net/mail/message_test.go
++++ b/src/net/mail/message_test.go
+@@ -334,8 +334,11 @@ func TestAddressParsingError(t *testing.T) {
+ 13: {"group not closed: null@example.com", "expected comma"},
+ 14: {"group: first@example.com, second@example.com;", "group with multiple addresses"},
+ 15: {"john.doe", "missing '@' or angle-addr"},
+- 16: {"john.doe@", "no angle-addr"},
++ 16: {"john.doe@", "missing '@' or angle-addr"},
+ 17: {"John Doe@foo.bar", "no angle-addr"},
++ 18: {" group: null@example.com; (asd", "misformatted parenthetical comment"},
++ 19: {" group: ; (asd", "misformatted parenthetical comment"},
++ 20: {`(John) Doe `, "missing word in phrase:"},
+ }
+
+ for i, tc := range mustErrTestCases {
+@@ -374,24 +377,19 @@ func TestAddressParsing(t *testing.T) {
+ Address: "john.q.public@example.com",
+ }},
+ },
+- {
+- `"John (middle) Doe" `,
+- []*Address{{
+- Name: "John (middle) Doe",
+- Address: "jdoe@machine.example",
+- }},
+- },
++ // Comment in display name
+ {
+ `John (middle) Doe `,
+ []*Address{{
+- Name: "John (middle) Doe",
++ Name: "John Doe",
+ Address: "jdoe@machine.example",
+ }},
+ },
++ // Display name is quoted string, so comment is not a comment
+ {
+- `John !@M@! Doe `,
++ `"John (middle) Doe" `,
+ []*Address{{
+- Name: "John !@M@! Doe",
++ Name: "John (middle) Doe",
+ Address: "jdoe@machine.example",
+ }},
+ },
+@@ -726,6 +724,26 @@ func TestAddressParsing(t *testing.T) {
+ },
+ },
+ },
++ // Comment in group display name
++ {
++ `group (comment:): a@example.com, b@example.com;`,
++ []*Address{
++ {
++ Address: "a@example.com",
++ },
++ {
++ Address: "b@example.com",
++ },
++ },
++ },
++ {
++ `x(:"):"@a.example;("@b.example;`,
++ []*Address{
++ {
++ Address: `@a.example;(@b.example`,
++ },
++ },
++ },
+ }
+ for _, test := range tests {
+ if len(test.exp) == 1 {
+--
+2.33.0
+
diff --git a/golang.spec b/golang.spec
index e7274b62cf72b7e38a24b76741f342cdaa5d95e6..040e9475d84239b95a6d3f72544011946fcdc658 100644
--- a/golang.spec
+++ b/golang.spec
@@ -63,7 +63,7 @@
Name: golang
Version: 1.17.3
-Release: 28
+Release: 30
Summary: The Go Programming Language
License: BSD and Public Domain
URL: https://golang.org/
@@ -210,6 +210,7 @@ Patch6057: 0057-release-branch.go1.21-crypto-x509-make-sure-pub-key-.patch
Patch6058: 0058-release-branch.go1.21-html-template-escape-additiona.patch
Patch6059: 0059-release-branch.go1.21-net-textproto-mime-multipart-a.patch
Patch6060: 0060-release-branch.go1.21-net-http-net-http-cookiejar-av.patch
+Patch6061: 0061-Backport-net-mail-properly-handle-special-characters.patch
ExclusiveArch: %{golang_arches}
@@ -403,7 +404,7 @@ export GO_TEST_TIMEOUT_SCALE=2
%if %{fail_on_tests}
echo tests ignored
%else
-./run.bash --no-rebuild -v -v -v -k go_test:testing || :
+./run.bash --no-rebuild -v -k -run='!(archive/tar|go/build|cmd/link|cmd/nm|tyepparams|race|flag|cgo_stdio|cgo_life|cgo_errors|test:0_1|api)'
%endif
cd ..
@@ -448,6 +449,18 @@ fi
%files devel -f go-tests.list -f go-misc.list -f go-src.list
%changelog
+* Wed Mar 27 2024 hanchao - 1.17.3-30
+- Type:CVE
+- CVE:CVE-2024-24784
+- SUG:NA
+- DESC:fix CVE-2024-24784
+
+* Wed Mar 27 2024 hanchao - 1.17.3-29
+- Type:bugfix
+- CVE:
+- SUG:NA
+- DESC:fix failure of `net/http` unit test and enable go unit test
+
* Fri Mar 15 2024 hanchao - 1.17.3-28
- Type:CVE
- CVE:CVE-2024-24783,CVE-2024-24785,CVE-2023-45290,CVE-2023-45289