From fced6976d263078ef68a960104597d0806282c53 Mon Sep 17 00:00:00 2001 From: wujichao Date: Tue, 25 Feb 2025 15:45:34 +0800 Subject: [PATCH] remove 0001-drop-hard-code-cert.patch and modify CVE-2024-45336 --- 0001-drop-hard-code-cert.patch | 135 ------------------ ...et-http-persist-header-stripping-acr.patch | 88 ++++++++++++ golang.spec | 9 +- 3 files changed, 95 insertions(+), 137 deletions(-) delete mode 100644 0001-drop-hard-code-cert.patch diff --git a/0001-drop-hard-code-cert.patch b/0001-drop-hard-code-cert.patch deleted file mode 100644 index 1af1acc..0000000 --- a/0001-drop-hard-code-cert.patch +++ /dev/null @@ -1,135 +0,0 @@ -From 2720067ebfb7568792bb0c8fe3fbf095c89b77a9 Mon Sep 17 00:00:00 2001 -From: jingrui -Date: Tue, 17 Mar 2020 17:43:33 +0800 -Subject: [PATCH] drop hard-code cert - -Signed-off-by: jingrui ---- - src/crypto/x509/test-file.crt | 32 --------------------------- - src/crypto/x509/testdata/test-dir.crt | 31 -------------------------- - src/net/http/internal/testcert.go | 31 ++------------------------ - 3 files changed, 2 insertions(+), 92 deletions(-) - delete mode 100644 src/crypto/x509/test-file.crt - delete mode 100644 src/crypto/x509/testdata/test-dir.crt - -diff --git a/src/crypto/x509/test-file.crt b/src/crypto/x509/test-file.crt -deleted file mode 100644 -index caa83b9..0000000 ---- a/src/crypto/x509/test-file.crt -+++ /dev/null -@@ -1,32 +0,0 @@ -------BEGIN CERTIFICATE----- --MIIFbTCCA1WgAwIBAgIJAN338vEmMtLsMA0GCSqGSIb3DQEBCwUAME0xCzAJBgNV --BAYTAlVLMRMwEQYDVQQIDApUZXN0LVN0YXRlMRUwEwYDVQQKDAxHb2xhbmcgVGVz --dHMxEjAQBgNVBAMMCXRlc3QtZmlsZTAeFw0xNzAyMDEyMzUyMDhaFw0yNzAxMzAy --MzUyMDhaME0xCzAJBgNVBAYTAlVLMRMwEQYDVQQIDApUZXN0LVN0YXRlMRUwEwYD --VQQKDAxHb2xhbmcgVGVzdHMxEjAQBgNVBAMMCXRlc3QtZmlsZTCCAiIwDQYJKoZI --hvcNAQEBBQADggIPADCCAgoCggIBAPMGiLjdiffQo3Xc8oUe7wsDhSaAJFOhO6Qs --i0xYrYl7jmCuz9rGD2fdgk5cLqGazKuQ6fIFzHXFU2BKs4CWXt9KO0KFEhfvZeuW --jG5d7C1ZUiuKOrPqjKVu8SZtFPc7y7Ke7msXzY+Z2LLyiJJ93LCMq4+cTSGNXVlI --KqUxhxeoD5/QkUPyQy/ilu3GMYfx/YORhDP6Edcuskfj8wRh1UxBejP8YPMvI6St --cE2GkxoEGqDWnQ/61F18te6WI3MD29tnKXOkXVhnSC+yvRLljotW2/tAhHKBG4tj --iQWT5Ri4Wrw2tXxPKRLsVWc7e1/hdxhnuvYpXkWNhKsm002jzkFXlzfEwPd8nZdw --5aT6gPUBN2AAzdoqZI7E200i0orEF7WaSoMfjU1tbHvExp3vyAPOfJ5PS2MQ6W03 --Zsy5dTVH+OBH++rkRzQCFcnIv/OIhya5XZ9KX9nFPgBEP7Xq2A+IjH7B6VN/S/bv --8lhp2V+SQvlew9GttKC4hKuPsl5o7+CMbcqcNUdxm9gGkN8epGEKCuix97bpNlxN --fHZxHE5+8GMzPXMkCD56y5TNKR6ut7JGHMPtGl5lPCLqzG/HzYyFgxsDfDUu2B0A --GKj0lGpnLfGqwhs2/s3jpY7+pcvVQxEpvVTId5byDxu1ujP4HjO/VTQ2P72rE8Ft --C6J2Av0tAgMBAAGjUDBOMB0GA1UdDgQWBBTLT/RbyfBB/Pa07oBnaM+QSJPO9TAf --BgNVHSMEGDAWgBTLT/RbyfBB/Pa07oBnaM+QSJPO9TAMBgNVHRMEBTADAQH/MA0G --CSqGSIb3DQEBCwUAA4ICAQB3sCntCcQwhMgRPPyvOCMyTcQ/Iv+cpfxz2Ck14nlx --AkEAH2CH0ov5GWTt07/ur3aa5x+SAKi0J3wTD1cdiw4U/6Uin6jWGKKxvoo4IaeK --SbM8w/6eKx6UbmHx7PA/eRABY9tTlpdPCVgw7/o3WDr03QM+IAtatzvaCPPczake --pbdLwmBZB/v8V+6jUajy6jOgdSH0PyffGnt7MWgDETmNC6p/Xigp5eh+C8Fb4NGT --xgHES5PBC+sruWp4u22bJGDKTvYNdZHsnw/CaKQWNsQqwisxa3/8N5v+PCff/pxl --r05pE3PdHn9JrCl4iWdVlgtiI9BoPtQyDfa/OEFaScE8KYR8LxaAgdgp3zYncWls --BpwQ6Y/A2wIkhlD9eEp5Ib2hz7isXOs9UwjdriKqrBXqcIAE5M+YIk3+KAQKxAtd --4YsK3CSJ010uphr12YKqlScj4vuKFjuOtd5RyyMIxUG3lrrhAu2AzCeKCLdVgA8+ --75FrYMApUdvcjp4uzbBoED4XRQlx9kdFHVbYgmE/+yddBYJM8u4YlgAL0hW2/D8p --z9JWIfxVmjJnBnXaKGBuiUyZ864A3PJndP6EMMo7TzS2CDnfCYuJjvI0KvDjFNmc --rQA04+qfMSEz3nmKhbbZu4eYLzlADhfH8tT4GMtXf71WLA5AUHGf2Y4+HIHTsmHG --vQ== -------END CERTIFICATE----- -diff --git a/src/crypto/x509/testdata/test-dir.crt b/src/crypto/x509/testdata/test-dir.crt -deleted file mode 100644 -index b7fc9c5..0000000 ---- a/src/crypto/x509/testdata/test-dir.crt -+++ /dev/null -@@ -1,31 +0,0 @@ -------BEGIN CERTIFICATE----- --MIIFazCCA1OgAwIBAgIJAL8a/lsnspOqMA0GCSqGSIb3DQEBCwUAMEwxCzAJBgNV --BAYTAlVLMRMwEQYDVQQIDApUZXN0LVN0YXRlMRUwEwYDVQQKDAxHb2xhbmcgVGVz --dHMxETAPBgNVBAMMCHRlc3QtZGlyMB4XDTE3MDIwMTIzNTAyN1oXDTI3MDEzMDIz --NTAyN1owTDELMAkGA1UEBhMCVUsxEzARBgNVBAgMClRlc3QtU3RhdGUxFTATBgNV --BAoMDEdvbGFuZyBUZXN0czERMA8GA1UEAwwIdGVzdC1kaXIwggIiMA0GCSqGSIb3 --DQEBAQUAA4ICDwAwggIKAoICAQDzBoi43Yn30KN13PKFHu8LA4UmgCRToTukLItM --WK2Je45grs/axg9n3YJOXC6hmsyrkOnyBcx1xVNgSrOAll7fSjtChRIX72Xrloxu --XewtWVIrijqz6oylbvEmbRT3O8uynu5rF82Pmdiy8oiSfdywjKuPnE0hjV1ZSCql --MYcXqA+f0JFD8kMv4pbtxjGH8f2DkYQz+hHXLrJH4/MEYdVMQXoz/GDzLyOkrXBN --hpMaBBqg1p0P+tRdfLXuliNzA9vbZylzpF1YZ0gvsr0S5Y6LVtv7QIRygRuLY4kF --k+UYuFq8NrV8TykS7FVnO3tf4XcYZ7r2KV5FjYSrJtNNo85BV5c3xMD3fJ2XcOWk --+oD1ATdgAM3aKmSOxNtNItKKxBe1mkqDH41NbWx7xMad78gDznyeT0tjEOltN2bM --uXU1R/jgR/vq5Ec0AhXJyL/ziIcmuV2fSl/ZxT4ARD+16tgPiIx+welTf0v27/JY --adlfkkL5XsPRrbSguISrj7JeaO/gjG3KnDVHcZvYBpDfHqRhCgrosfe26TZcTXx2 --cRxOfvBjMz1zJAg+esuUzSkerreyRhzD7RpeZTwi6sxvx82MhYMbA3w1LtgdABio --9JRqZy3xqsIbNv7N46WO/qXL1UMRKb1UyHeW8g8btboz+B4zv1U0Nj+9qxPBbQui --dgL9LQIDAQABo1AwTjAdBgNVHQ4EFgQUy0/0W8nwQfz2tO6AZ2jPkEiTzvUwHwYD --VR0jBBgwFoAUy0/0W8nwQfz2tO6AZ2jPkEiTzvUwDAYDVR0TBAUwAwEB/zANBgkq --hkiG9w0BAQsFAAOCAgEAvEVnUYsIOt87rggmLPqEueynkuQ+562M8EDHSQl82zbe --xDCxeg3DvPgKb+RvaUdt1362z/szK10SoeMgx6+EQLoV9LiVqXwNqeYfixrhrdw3 --ppAhYYhymdkbUQCEMHypmXP1vPhAz4o8Bs+eES1M+zO6ErBiD7SqkmBElT+GixJC --6epC9ZQFs+dw3lPlbiZSsGE85sqc3VAs0/JgpL/pb1/Eg4s0FUhZD2C2uWdSyZGc --g0/v3aXJCp4j/9VoNhI1WXz3M45nysZIL5OQgXymLqJElQa1pZ3Wa4i/nidvT4AT --Xlxc/qijM8set/nOqp7hVd5J0uG6qdwLRILUddZ6OpXd7ZNi1EXg+Bpc7ehzGsDt --3UFGzYXDjxYnK2frQfjLS8stOQIqSrGthW6x0fdkVx0y8BByvd5J6+JmZl4UZfzA --m99VxXSt4B9x6BvnY7ktzcFDOjtuLc4B/7yg9fv1eQuStA4cHGGAttsCg1X/Kx8W --PvkkeH0UWDZ9vhH9K36703z89da6MWF+bz92B0+4HoOmlVaXRkvblsNaynJnL0LC --Ayry7QBxuh5cMnDdRwJB3AVJIiJ1GVpb7aGvBOnx+s2lwRv9HWtghb+cbwwktx1M --JHyBf3GZNSWTpKY7cD8V+NnBv3UuioOVVo+XAU4LF/bYUjdRpxWADJizNtZrtFo= -------END CERTIFICATE----- -diff --git a/src/net/http/internal/testcert.go b/src/net/http/internal/testcert.go -index 2284a83..a33d06b 100644 ---- a/src/net/http/internal/testcert.go -+++ b/src/net/http/internal/testcert.go -@@ -10,36 +10,9 @@ import "strings" - // "127.0.0.1" and "[::1]", expiring at Jan 29 16:00:00 2084 GMT. - // generated from src/crypto/tls: - // go run generate_cert.go --rsa-bits 1024 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h --var LocalhostCert = []byte(`-----BEGIN CERTIFICATE----- --MIICEzCCAXygAwIBAgIQMIMChMLGrR+QvmQvpwAU6zANBgkqhkiG9w0BAQsFADAS --MRAwDgYDVQQKEwdBY21lIENvMCAXDTcwMDEwMTAwMDAwMFoYDzIwODQwMTI5MTYw --MDAwWjASMRAwDgYDVQQKEwdBY21lIENvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB --iQKBgQDuLnQAI3mDgey3VBzWnB2L39JUU4txjeVE6myuDqkM/uGlfjb9SjY1bIw4 --iA5sBBZzHi3z0h1YV8QPuxEbi4nW91IJm2gsvvZhIrCHS3l6afab4pZBl2+XsDul --rKBxKKtD1rGxlG4LjncdabFn9gvLZad2bSysqz/qTAUStTvqJQIDAQABo2gwZjAO --BgNVHQ8BAf8EBAMCAqQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw --AwEB/zAuBgNVHREEJzAlggtleGFtcGxlLmNvbYcEfwAAAYcQAAAAAAAAAAAAAAAA --AAAAATANBgkqhkiG9w0BAQsFAAOBgQCEcetwO59EWk7WiJsG4x8SY+UIAA+flUI9 --tyC4lNhbcF2Idq9greZwbYCqTTTr2XiRNSMLCOjKyI7ukPoPjo16ocHj+P3vZGfs --h1fIw3cSS2OolhloGw/XM6RWPWtPAlGykKLciQrBru5NAPvCMsb/I1DAceTiotQM --fblo6RBxUQ== -------END CERTIFICATE-----`) -+var LocalhostCert = []byte(``) - - // LocalhostKey is the private key for localhostCert. --var LocalhostKey = []byte(testingKey(`-----BEGIN RSA TESTING KEY----- --MIICXgIBAAKBgQDuLnQAI3mDgey3VBzWnB2L39JUU4txjeVE6myuDqkM/uGlfjb9 --SjY1bIw4iA5sBBZzHi3z0h1YV8QPuxEbi4nW91IJm2gsvvZhIrCHS3l6afab4pZB --l2+XsDulrKBxKKtD1rGxlG4LjncdabFn9gvLZad2bSysqz/qTAUStTvqJQIDAQAB --AoGAGRzwwir7XvBOAy5tM/uV6e+Zf6anZzus1s1Y1ClbjbE6HXbnWWF/wbZGOpet --3Zm4vD6MXc7jpTLryzTQIvVdfQbRc6+MUVeLKwZatTXtdZrhu+Jk7hx0nTPy8Jcb --uJqFk541aEw+mMogY/xEcfbWd6IOkp+4xqjlFLBEDytgbIECQQDvH/E6nk+hgN4H --qzzVtxxr397vWrjrIgPbJpQvBsafG7b0dA4AFjwVbFLmQcj2PprIMmPcQrooz8vp --jy4SHEg1AkEA/v13/5M47K9vCxmb8QeD/asydfsgS5TeuNi8DoUBEmiSJwma7FXY --fFUtxuvL7XvjwjN5B30pNEbc6Iuyt7y4MQJBAIt21su4b3sjXNueLKH85Q+phy2U --fQtuUE9txblTu14q3N7gHRZB4ZMhFYyDy8CKrN2cPg/Fvyt0Xlp/DoCzjA0CQQDU --y2ptGsuSmgUtWj3NM9xuwYPm+Z/F84K6+ARYiZ6PYj013sovGKUFfYAqVXVlxtIX --qyUBnu3X9ps8ZfjLZO7BAkEAlT4R5Yl6cGhaJQYZHOde3JEMhNRcVFMO8dJDaFeo --f9Oeos0UUothgiDktdQHxdNEwLjQf7lJJBzV+5OtwswCWA== -------END RSA TESTING KEY-----`)) -+var LocalhostKey = []byte(testingKey(``)) - - func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") } --- -2.17.1 - diff --git a/0127-CVE-2024-45336-net-http-persist-header-stripping-acr.patch b/0127-CVE-2024-45336-net-http-persist-header-stripping-acr.patch index afe7e9e..a8df849 100644 --- a/0127-CVE-2024-45336-net-http-persist-header-stripping-acr.patch +++ b/0127-CVE-2024-45336-net-http-persist-header-stripping-acr.patch @@ -288,3 +288,91 @@ index 429b8f1..1ce9539 100644 } } } +diff --git a/src/net/http/internal/testcert.go b/src/net/http/internal/testcert.go +index 2284a83..de0f7b7 100644 +--- a/src/net/http/internal/testcert.go ++++ b/src/net/http/internal/testcert.go +@@ -9,37 +9,56 @@ import "strings" + // LocalhostCert is a PEM-encoded TLS cert with SAN IPs + // "127.0.0.1" and "[::1]", expiring at Jan 29 16:00:00 2084 GMT. + // generated from src/crypto/tls: +-// go run generate_cert.go --rsa-bits 1024 --host 127.0.0.1,::1,example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h ++// go run generate_cert.go --rsa-bits 2048 --host 127.0.0.1,::1,example.com,*.example.com --ca --start-date "Jan 1 00:00:00 1970" --duration=1000000h + var LocalhostCert = []byte(`-----BEGIN CERTIFICATE----- +-MIICEzCCAXygAwIBAgIQMIMChMLGrR+QvmQvpwAU6zANBgkqhkiG9w0BAQsFADAS ++MIIDSDCCAjCgAwIBAgIQFgSNW7Q203yuk2HUM4z0GDANBgkqhkiG9w0BAQsFADAS + MRAwDgYDVQQKEwdBY21lIENvMCAXDTcwMDEwMTAwMDAwMFoYDzIwODQwMTI5MTYw +-MDAwWjASMRAwDgYDVQQKEwdBY21lIENvMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB +-iQKBgQDuLnQAI3mDgey3VBzWnB2L39JUU4txjeVE6myuDqkM/uGlfjb9SjY1bIw4 +-iA5sBBZzHi3z0h1YV8QPuxEbi4nW91IJm2gsvvZhIrCHS3l6afab4pZBl2+XsDul +-rKBxKKtD1rGxlG4LjncdabFn9gvLZad2bSysqz/qTAUStTvqJQIDAQABo2gwZjAO +-BgNVHQ8BAf8EBAMCAqQwEwYDVR0lBAwwCgYIKwYBBQUHAwEwDwYDVR0TAQH/BAUw +-AwEB/zAuBgNVHREEJzAlggtleGFtcGxlLmNvbYcEfwAAAYcQAAAAAAAAAAAAAAAA +-AAAAATANBgkqhkiG9w0BAQsFAAOBgQCEcetwO59EWk7WiJsG4x8SY+UIAA+flUI9 +-tyC4lNhbcF2Idq9greZwbYCqTTTr2XiRNSMLCOjKyI7ukPoPjo16ocHj+P3vZGfs +-h1fIw3cSS2OolhloGw/XM6RWPWtPAlGykKLciQrBru5NAPvCMsb/I1DAceTiotQM +-fblo6RBxUQ== ++MDAwWjASMRAwDgYDVQQKEwdBY21lIENvMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A ++MIIBCgKCAQEAqspE6oCu4tLTgAca17wS9FecmXBWM2+qzz5dmvQAI25qf4xo0vKC ++/apwhh8pHO0S3IOHcILAy8j9e/cs1V8k0Dre7KGNqqZyNCc7950ZQtt/CRN1H8MF ++vAh20qsXC7BQjfE0Ga522d1UTUU0rAAhQk9Ityp4hy5f7RjXMbEJphgmtg1qZBnS +++Uahsiky1L6hmUdjWMKZYaS14X+N3MhGWjR2R2hiP/QMEb7Y9ReCd2sRqWTjKyXJ ++i5JD1+tVJgUeBJp4+38naVT3LG/VviIOE9xo4WhrtsnX9adm6ctcxPIFrPRWIhyV ++RSfQwHo26mJiGH2KsmM3gggX/W9E0ft6UQIDAQABo4GXMIGUMA4GA1UdDwEB/wQE ++AwICpDATBgNVHSUEDDAKBggrBgEFBQcDATAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud ++DgQWBBT46lXgr7Azh/gy8zDLaq8oCpGCmzA9BgNVHREENjA0ggtleGFtcGxlLmNv ++bYINKi5leGFtcGxlLmNvbYcEfwAAAYcQAAAAAAAAAAAAAAAAAAAAATANBgkqhkiG ++9w0BAQsFAAOCAQEATM2XXLR3gTagL5MXK29RloJRD/vyZNiKL3Fuj/EOaU53Mpm2 ++MJ7b7WTz4Kft285UaFqeSSTnOkDmlSPmccI2v7Ridp7gO3RimPz5Ofd1zLw12zEx ++4ZzFjU6vuLUwfw+1lw8xnS7cn1j2Q5AoWmfJxnQKCnkX487m/16szda49ydTestc ++s4g18dV/OGhWOQpLA2Z75DAu2rmE1oLKTrmYc36xjGXqMqSB33QU0sHgtkopuWdC ++C1TGa/ZwgQLdNPZfbdrYqtJQrnlyxSLx9R/ZZH00zse2N1eY0qPje2yXjNkD10Lp ++DXa5YlHo2skMtBMQ8uq+nQ+gWhRu5CJ2OYajVg== + -----END CERTIFICATE-----`) + + // LocalhostKey is the private key for localhostCert. + var LocalhostKey = []byte(testingKey(`-----BEGIN RSA TESTING KEY----- +-MIICXgIBAAKBgQDuLnQAI3mDgey3VBzWnB2L39JUU4txjeVE6myuDqkM/uGlfjb9 +-SjY1bIw4iA5sBBZzHi3z0h1YV8QPuxEbi4nW91IJm2gsvvZhIrCHS3l6afab4pZB +-l2+XsDulrKBxKKtD1rGxlG4LjncdabFn9gvLZad2bSysqz/qTAUStTvqJQIDAQAB +-AoGAGRzwwir7XvBOAy5tM/uV6e+Zf6anZzus1s1Y1ClbjbE6HXbnWWF/wbZGOpet +-3Zm4vD6MXc7jpTLryzTQIvVdfQbRc6+MUVeLKwZatTXtdZrhu+Jk7hx0nTPy8Jcb +-uJqFk541aEw+mMogY/xEcfbWd6IOkp+4xqjlFLBEDytgbIECQQDvH/E6nk+hgN4H +-qzzVtxxr397vWrjrIgPbJpQvBsafG7b0dA4AFjwVbFLmQcj2PprIMmPcQrooz8vp +-jy4SHEg1AkEA/v13/5M47K9vCxmb8QeD/asydfsgS5TeuNi8DoUBEmiSJwma7FXY +-fFUtxuvL7XvjwjN5B30pNEbc6Iuyt7y4MQJBAIt21su4b3sjXNueLKH85Q+phy2U +-fQtuUE9txblTu14q3N7gHRZB4ZMhFYyDy8CKrN2cPg/Fvyt0Xlp/DoCzjA0CQQDU +-y2ptGsuSmgUtWj3NM9xuwYPm+Z/F84K6+ARYiZ6PYj013sovGKUFfYAqVXVlxtIX +-qyUBnu3X9ps8ZfjLZO7BAkEAlT4R5Yl6cGhaJQYZHOde3JEMhNRcVFMO8dJDaFeo +-f9Oeos0UUothgiDktdQHxdNEwLjQf7lJJBzV+5OtwswCWA== ++MIIEvgIBADANBgkqhkiG9w0BAQEFAASCBKgwggSkAgEAAoIBAQCqykTqgK7i0tOA ++BxrXvBL0V5yZcFYzb6rPPl2a9AAjbmp/jGjS8oL9qnCGHykc7RLcg4dwgsDLyP17 ++9yzVXyTQOt7soY2qpnI0Jzv3nRlC238JE3UfwwW8CHbSqxcLsFCN8TQZrnbZ3VRN ++RTSsACFCT0i3KniHLl/tGNcxsQmmGCa2DWpkGdL5RqGyKTLUvqGZR2NYwplhpLXh ++f43cyEZaNHZHaGI/9AwRvtj1F4J3axGpZOMrJcmLkkPX61UmBR4Emnj7fydpVPcs ++b9W+Ig4T3GjhaGu2ydf1p2bpy1zE8gWs9FYiHJVFJ9DAejbqYmIYfYqyYzeCCBf9 ++b0TR+3pRAgMBAAECggEBAI/MC+hRfm31yiOSV9RqQp89oNlDzyAxleQ2A0PyyqcK ++UVqg0qVBkG6ZcXJLjCcRqH7Hs2JUhJVP3bThMPtZxzoXRxh/ETMsPx2QJxpdSCaV ++fkka+9NJNWvSyJCpgpbR1ZEdE5vH28OlaVRBv45N8bLN5FBrzt0qe5O6BX2OLKyN ++agTAaWw+IZgwKr8ayZugbmZRxJd5ffH4bGyg+EGeTjAP3s3LUzGIXdBtMwyYuwvh ++jtrUgctah93a/4x7qdQ7y1U4pFR8Igd6oAdEP8EnAB2WPJoRVvjVwS/pZIJYnqN7 ++bJXfvcjBhSZYG/LjZTJm8XQpKPIaO2FJYfasDOewVT0CgYEAwlIgdXVyyY3SYXeM ++PPM1IFtaeY3sgKymSdQGn1pzMbBz5+irkNb+4hDfAPZ6Mq5aceY4Er/WTDM122g1 ++FSAszMe1yIX7kxZt5Vh8bjOG/KVNPoJ61HKdx7ApkJjyfbaUMMNe0mv4FsIKscQN ++myCt1J4VpNZQwYLDygKFVMbtuDsCgYEA4QAdfmx/4XCt4eTSmTOV5r1+2iIRGVq4 ++8J2C7iKeMwRs3HQY09sLL5hL7AwWphS2g2ngwb2ZTozHLtSt39tb0w8L4qqiLJU+ ++YISg/57gaaORYw3dAmK6kZVpoDPYaq4GBBSOxmRWo0Q4YF14eKGRm+gGGj4Pn72P ++N3Iy1HjfeuMCgYBbdQXb4oxE+p/iyb5STXFaqkRZ44dFRHz7UHRReeOvpknXA3YE ++NHw/8ArVTCxVQCRHaUBI6ss0kAGwI0qgh8UuGGyhVRYDs1HD2LKvt0a4ECDb49Nl ++vBAwlOPrL2Ep882pabpuNOzN4UPhSNHSij3mTQUI0OmvOhlmMWuJbBskUwKBgQCB ++ae6M6902DviEiHe1VJ1wxSe0UYniOnNLOl23mMPDdlUjC8fH+yJY8tEgaOeSCTHd ++LkXvSZ1nN8PNJNkJfAM5x1q/ugNjf0gMfdyYioprWIBkJ/Ip0B2dZQIG+isNWSDu ++seBZLhdC+xcuHjUPtWap9O+lonKcH4zDiHTCDvADnwKBgF0JXQORS3YKb3qTPIOM ++Fac2iX3589ar8jPP/e2Zr/kq4nnfCTCq4D1TdbiWQyRQG25vDyvpZhmHG9L40HQG ++V9nPlpXn4U+f7EInxg3pcaSSn8RKxOFV94JucEkGL7cHmZMLOkYw6foThbsBT5R3 ++WlHTZvq5FrvuRL63przviPPw + -----END RSA TESTING KEY-----`)) + + func testingKey(s string) string { return strings.ReplaceAll(s, "TESTING KEY", "PRIVATE KEY") } +-- +2.33.0 diff --git a/golang.spec b/golang.spec index ddf9fea..021a299 100644 --- a/golang.spec +++ b/golang.spec @@ -58,7 +58,7 @@ Name: golang Version: 1.15.7 -Release: 49 +Release: 50 Summary: The Go Programming Language License: BSD and Public Domain URL: https://golang.org/ @@ -270,7 +270,6 @@ Patch6125: 0125-Backport-encoding-gob-cover-missed-cases-when-checking-ignore.pa Patch6126: 0126-CVE-2024-45341-crypto-x509-properly-check-for-IPv6-h.patch Patch6127: 0127-CVE-2024-45336-net-http-persist-header-stripping-acr.patch -Patch9001: 0001-drop-hard-code-cert.patch Patch9002: 0002-fix-patch-cmd-go-internal-modfetch-do-not-sho.patch %description @@ -508,6 +507,12 @@ fi %files devel -f go-tests.list -f go-misc.list -f go-src.list %changelog +* Tue Feb 25 2025 wujichao - 1.15.7-50 +- Type:CVE +- CVE:CVE-2024-45336 +- SUG:NA +- DESC:remove 0001-drop-hard-code-cert.patch and modify CVE-2024-45336 + * Thu Feb 20 2025 wujichao - 1.15.7-49 - Type:CVE - CVE:CVE-2024-45341 CVE-2024-45336 -- Gitee