base repository: golang/go
base: go1.24.10
head repository: golang/go
compare: go1.24.11
  • 4 commits
  • 5 files changed
  • 4 contributors

Commits on Nov 25, 2025

  1. [release-branch.go1.24] internal/cpu: use correct variable when parsing CPU features lamcas and lam_bh on loong64
    
    Fixes #76378
    
    Change-Id: I5019f4e32243911f735f775bcb3c0dba5adb4162
    Reviewed-on: https://go-review.googlesource.com/c/go/+/655395
    Reviewed-by: David Chase <[email protected]>
    Reviewed-by: Junyang Shao <[email protected]>
    Reviewed-by: Meidan Li <[email protected]>
    Reviewed-by: sophie zhao <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    (cherry picked from commit bcd0ebb)
    Reviewed-on: https://go-review.googlesource.com/c/go/+/722400
    Reviewed-by: abner chenc <[email protected]>
    Reviewed-by: Mark Freeman <[email protected]>
    abner-chenc authored and cherrymui committed Nov 25, 2025
    Commit 23743a8
  2. [release-branch.go1.24] crypto/x509: excluded subdomain constraints preclude wildcard SANs
    
    When evaluating name constraints in a certificate chain, the presence of
    an excluded subdomain constraint (e.g., excluding "test.example.com")
    should preclude the use of a wildcard SAN (e.g., "*.example.com").
    
    Fixes #76442
    Fixes #76463
    Fixes CVE-2025-61727
    
    Change-Id: I42a0da010cb36d2ec9d1239ae3f61cf25eb78bba
    Reviewed-on: https://go-review.googlesource.com/c/go/+/724401
    Reviewed-by: Nicholas Husin <[email protected]>
    Reviewed-by: Daniel McCarney <[email protected]>
    LUCI-TryBot-Result: Go LUCI <[email protected]>
    Reviewed-by: Nicholas Husin <[email protected]>
    Reviewed-by: Neal Patel <[email protected]>
    rolandshoemaker authored and cherrymui committed Nov 25, 2025
    Commit 04db77a
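
The rule stated in the crypto/x509 commit above, as an added illustration in Go (this is not code from the Go project or from crypto/x509): a check for whether a wildcard SAN can expand to a name inside an excluded dNSName subtree. The function names and sample names are hypothetical, and the single-label wildcard, empty-constraint and leading-dot semantics are assumptions of this example.

```go
package main

import (
	"fmt"
	"strings"
)

// wildcardHitsExcluded reports whether a wildcard DNS SAN can expand to a name
// inside an excluded dNSName subtree. Assumed here: "*" is one leftmost label,
// an empty constraint covers all names, a leading "." means subdomains only.
func wildcardHitsExcluded(san, excluded string) bool {
	san = strings.ToLower(strings.TrimSuffix(san, "."))
	excluded = strings.ToLower(strings.TrimSuffix(excluded, "."))
	if !strings.HasPrefix(san, "*.") || len(san) == 2 {
		return false // not a wildcard SAN; the ordinary subtree match applies
	}
	base := san[2:]
	subOnly := strings.HasPrefix(excluded, ".")
	excluded = strings.TrimPrefix(excluded, ".")
	// Case 1: the base is the excluded name or below it: every expansion is excluded.
	if excluded == "" || base == excluded || strings.HasSuffix(base, "."+excluded) {
		return true
	}
	// Case 2: the excluded name is exactly one label below the base
	// ("test.example.com" under "*.example.com"): one expansion is excluded.
	if !subOnly && strings.HasSuffix(excluded, "."+base) {
		label := strings.TrimSuffix(excluded, "."+base)
		return label != "" && !strings.Contains(label, ".")
	}
	return false
}

// firstConflict returns the first wildcard SAN and excluded constraint that collide.
func firstConflict(sans, excluded []string) (string, string, bool) {
	for _, s := range sans {
		for _, c := range excluded {
			if wildcardHitsExcluded(s, c) {
				return s, c, true
			}
		}
	}
	return "", "", false
}

func main() {
	// Constructed sample values, not taken from a real certificate.
	fmt.Println(firstConflict([]string{"www.example.org", "*.example.com"}, []string{"test.example.com"}))
}
```

A chain validator built on this check would reject the leaf as soon as `firstConflict` reports a pair, instead of only comparing the literal string `*.example.com` against the excluded subtree.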

Commits on Dec 2, 2025

  1. [release-branch.go1.24] crypto/x509: prevent HostnameError.Error() from consuming excessive resource
    
    Constructing HostnameError.Error() takes O(N^2) runtime due to using a
    string concatenation in a loop. Additionally, there is no limit on how
    many names are included in the error message. As a result, a malicious
    attacker could craft a certificate with an infinite amount of names to
    unfairly consume resource.
    
    To remediate this, we will now use strings.Builder to construct the
    error message, preventing O(N^2) runtime. When a certificate has 100 or
    more names, we will also not print each name individually.
    
    Thanks to Philippe Antoine (Catena cyber) for reporting this issue.
    
    Updates #76445
    Fixes #76460
    Fixes CVE-2025-61729
    
    Change-Id: I6343776ec3289577abc76dad71766c491c1a7c81
    Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3000
    Reviewed-by: Neal Patel <[email protected]>
    Reviewed-by: Damien Neil <[email protected]>
    Reviewed-on: https://go-internal-review.googlesource.com/c/go/+/3220
    Reviewed-by: Roland Shoemaker <[email protected]>
    Reviewed-on: https://go-review.googlesource.com/c/go/+/725820
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    TryBot-Bypass: Dmitri Shuralyov <[email protected]>
    Auto-Submit: Dmitri Shuralyov <[email protected]>
    Reviewed-by: Mark Freeman <[email protected]>
    nicholashusin authored and gopherbot committed Dec 2, 2025
    Commit 3a842bd
  2. [release-branch.go1.24] go1.24.11

    Change-Id: Iae7d7cf17bf31ac6aaf145993d0b857a3ddbcacb
    Reviewed-on: https://go-review.googlesource.com/c/go/+/725841
    TryBot-Bypass: Gopher Robot <[email protected]>
    Reviewed-by: Mark Freeman <[email protected]>
    Auto-Submit: Gopher Robot <[email protected]>
    Reviewed-by: Dmitri Shuralyov <[email protected]>
    gopherbot committed Dec 2, 2025
    Commit 1296453