Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/2194904/?format=api
{ "id": 2194904, "url": "http://patchwork.ozlabs.org/api/patches/2194904/?format=api", "web_url": "http://patchwork.ozlabs.org/project/buildroot/patch/20260210074955.612849-1-peter@korsgaard.com/", "project": { "id": 27, "url": "http://patchwork.ozlabs.org/api/projects/27/?format=api", "name": "Buildroot development", "link_name": "buildroot", "list_id": "buildroot.buildroot.org", "list_email": "buildroot@buildroot.org", "web_url": "", "scm_url": "", "webscm_url": "", "list_archive_url": "", "list_archive_url_format": "", "commit_url_format": "" }, "msgid": "<20260210074955.612849-1-peter@korsgaard.com>", "list_archive_url": null, "date": "2026-02-10T07:49:53", "name": "package/go: security bump to version 1.25.7", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": false, "hash": "f0a60a0bee1b28e82292d56c162bd6a837c738ed", "submitter": { "id": 42365, "url": "http://patchwork.ozlabs.org/api/people/42365/?format=api", "name": "Peter Korsgaard", "email": "peter@korsgaard.com" }, "delegate": { "id": 89618, "url": "http://patchwork.ozlabs.org/api/users/89618/?format=api", "username": "juju", "first_name": "Julien", "last_name": "Olivain", "email": "juju@cotds.org" }, "mbox": "http://patchwork.ozlabs.org/project/buildroot/patch/20260210074955.612849-1-peter@korsgaard.com/mbox/", "series": [ { "id": 491615, "url": "http://patchwork.ozlabs.org/api/series/491615/?format=api", "web_url": "http://patchwork.ozlabs.org/project/buildroot/list/?series=491615", "date": "2026-02-10T07:49:53", "name": "package/go: security bump to version 1.25.7", "version": 1, "mbox": "http://patchwork.ozlabs.org/series/491615/mbox/" } ], "comments": "http://patchwork.ozlabs.org/api/patches/2194904/comments/", "check": "pending", "checks": "http://patchwork.ozlabs.org/api/patches/2194904/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<buildroot-bounces@buildroot.org>", "X-Original-To": [ "incoming-buildroot@patchwork.ozlabs.org", "buildroot@buildroot.org" ], "Delivered-To": [ "patchwork-incoming-buildroot@legolas.ozlabs.org", "buildroot@buildroot.org" ], "Authentication-Results": [ "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=buildroot.org header.i=@buildroot.org\n header.a=rsa-sha256 header.s=default header.b=MbqqJzIP;\n\tdkim-atps=neutral", "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=buildroot.org\n (client-ip=140.211.166.138; helo=smtp1.osuosl.org;\n envelope-from=buildroot-bounces@buildroot.org; receiver=patchwork.ozlabs.org)" ], "Received": [ "from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange x25519 server-signature ECDSA (secp384r1) server-digest SHA384)\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4f9DHm5DvYz1xtr\n\tfor <incoming-buildroot@patchwork.ozlabs.org>;\n Tue, 10 Feb 2026 18:50:12 +1100 (AEDT)", "from localhost (localhost [127.0.0.1])\n\tby smtp1.osuosl.org (Postfix) with ESMTP id 3CA7580D02;\n\tTue, 10 Feb 2026 07:50:10 +0000 (UTC)", "from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id 0XBoGu4DiUaA; Tue, 10 Feb 2026 07:50:09 +0000 (UTC)", "from lists1.osuosl.org (lists1.osuosl.org [140.211.166.142])\n\tby smtp1.osuosl.org (Postfix) with ESMTP id 1A1CA80D44;\n\tTue, 10 Feb 2026 07:50:09 +0000 (UTC)", "from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138])\n by lists1.osuosl.org (Postfix) with ESMTP id A457A219\n for <buildroot@buildroot.org>; Tue, 10 Feb 2026 07:50:07 +0000 (UTC)", "from localhost (localhost [127.0.0.1])\n by smtp1.osuosl.org (Postfix) with ESMTP id 2251980CFA\n for <buildroot@buildroot.org>; Tue, 10 Feb 2026 07:50:04 +0000 (UTC)", "from smtp1.osuosl.org ([127.0.0.1])\n by localhost (smtp1.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP\n id a_bv0M3LKott for <buildroot@buildroot.org>;\n Tue, 10 Feb 2026 07:50:01 +0000 (UTC)", "from sendmail.purelymail.com (sendmail.purelymail.com\n [34.202.193.197])\n by smtp1.osuosl.org (Postfix) with ESMTPS id 0794580CE8\n for <buildroot@buildroot.org>; Tue, 10 Feb 2026 07:50:00 +0000 (UTC)", "by smtp.purelymail.com (Purelymail SMTP) with ESMTPSA id 1853273034;\n (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384);\n Tue, 10 Feb 2026 07:49:58 +0000 (UTC)", "from peko by dell.be.48ers.dk with local (Exim 4.98.2)\n (envelope-from <peko@dell.be.48ers.dk>) id 1vpiVR-00000002ZR3-1UH7;\n Tue, 10 Feb 2026 08:49:57 +0100" ], "X-Virus-Scanned": [ "amavis at osuosl.org", "amavis at osuosl.org" ], "X-Comment": "SPF check N/A for local connections - client-ip=140.211.166.142;\n helo=lists1.osuosl.org; envelope-from=buildroot-bounces@buildroot.org;\n receiver=<UNKNOWN> ", "DKIM-Filter": [ "OpenDKIM Filter v2.11.0 smtp1.osuosl.org 1A1CA80D44", "OpenDKIM Filter v2.11.0 smtp1.osuosl.org 0794580CE8" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=buildroot.org;\n\ts=default; t=1770709809;\n\tbh=tt/k+IxXPGl9MNNNrM8CP+f5y+4iGbZ/A5JQQeA4RRY=;\n\th=From:To:Date:Subject:List-Id:List-Unsubscribe:List-Archive:\n\t List-Post:List-Help:List-Subscribe:Cc:From;\n\tb=MbqqJzIP3ojkUVAeYNt+kaYx7S2QEjPkNSa5vZPo7LdvC6fAOnw1G0/XYX0kW7Mwc\n\t 9aU5dnF71L6jNSmdmiaykTgMfrmJkquzl2yEK5elx0jfz8vLkYOFqn1/4nvH03iwV0\n\t GpHKK40KJ3gpxEv2sK2Ul0yg1RMZxJE1bmOUQH/CBkUik9qyxOMlUf9bnX2egoNeOK\n\t BaliI15pBjH+4lSDkZ5GqWPZuM3yTS35S6JxC6wIRoVG1oNLhzLNknCZjinY77DyL/\n\t L4lrmCQlvoZlH4/BjNv26CuijA/jxDBSBGENy5GsIvI/NVDP+n/ZeuuB79wYuosQKY\n\t NAmf0Nro7bCqQ==", "Received-SPF": "Pass (mailfrom) identity=mailfrom; client-ip=34.202.193.197;\n helo=sendmail.purelymail.com; envelope-from=peko@korsgaard.com;\n receiver=<UNKNOWN>", "DMARC-Filter": "OpenDMARC Filter v1.4.2 smtp1.osuosl.org 0794580CE8", "Feedback-ID": "21632:4007:null:purelymail", "X-Pm-Original-To": "buildroot@buildroot.org", "From": "Peter Korsgaard <peter@korsgaard.com>", "To": "buildroot@buildroot.org", "Date": "Tue, 10 Feb 2026 08:49:53 +0100", "Message-ID": "<20260210074955.612849-1-peter@korsgaard.com>", "X-Mailer": "git-send-email 2.47.3", "MIME-Version": "1.0", "X-MIME-Autoconverted": "from 8bit to quoted-printable by Purelymail", "X-Mailman-Original-DKIM-Signature": "a=rsa-sha256;\n b=qra+KU0r+eQLPPt84a21+2HKyZDmlle8Nx1/aB7RCPDGmNjlL2tZt0wdQAlnPYcHjwvV61KgnBGLurjB/ofdxYgTEOzTtGqhvLUBrol5Qq2OlHkA++pCyztnwQjsz76mNzWurxy/0tAdNGFdN/kBfzfUcNL7aGhEbADSxSfiVLOQedGkvhPi59AafXZoCBU1thOzkqrXV9R6zRm2IrDL9ulUFOju8J7jQxodCoYF54uz4LxIfCWKDZJ7cQ5GILl+5fiQAwhGW0/29y4QXJ9vDswKw1f4A7SS9VL51cJCPb1K9BtRUG/WOZpqp3V3MIDtWtR5TwKziugg53QprSN24w==;\n s=purelymail3; d=purelymail.com; v=1;\n bh=pDLe8UvkHvPkZVeRQKhXEvJ4SVpMh7IsDF4H1wBlCqU=;\n h=Feedback-ID:Received:Received:From:To:Subject:Date;", "X-Mailman-Original-Authentication-Results": [ "smtp1.osuosl.org;\n dmarc=none (p=none dis=none)\n header.from=korsgaard.com", "smtp1.osuosl.org;\n dkim=pass (2048-bit key,\n unprotected) header.d=purelymail.com header.i=@purelymail.com\n header.a=rsa-sha256 header.s=purelymail3 header.b=qra+KU0r", "purelymail.com; auth=pass" ], "Subject": "[Buildroot] [PATCH] package/go: security bump to version 1.25.7", "X-BeenThere": "buildroot@buildroot.org", "X-Mailman-Version": "2.1.30", "Precedence": "list", "List-Id": "Discussion and development of buildroot <buildroot.buildroot.org>", "List-Unsubscribe": "<https://lists.buildroot.org/mailman/options/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=unsubscribe>", "List-Archive": "<http://lists.buildroot.org/pipermail/buildroot/>", "List-Post": "<mailto:buildroot@buildroot.org>", "List-Help": "<mailto:buildroot-request@buildroot.org?subject=help>", "List-Subscribe": "<https://lists.buildroot.org/mailman/listinfo/buildroot>,\n <mailto:buildroot-request@buildroot.org?subject=subscribe>", "Cc": "Thomas Perale <thomas.perale@mind.be>,\n Christian Stewart <christian@aperture.us>", "Content-Type": "text/plain; charset=\"us-ascii\"", "Content-Transfer-Encoding": "7bit", "Errors-To": "buildroot-bounces@buildroot.org", "Sender": "\"buildroot\" <buildroot-bounces@buildroot.org>" }, "content": "Fixes the following vulnerabilities:\n\nCVE-2025-61732: cmd/cgo: remove user-content from doc strings in cgo ASTs\n\nA discrepancy between how Go and C/C++ comments were parsed allowed for code\nsmuggling into the resulting cgo binary.\n\nTo prevent this behavior, the cgo compiler will no longer parse\nuser-provided doc comments.\n\nCVE-2025-68121: crypto/tls: unexpected session resumption when using\nConfig.GetConfigForClient\n\nConfig.GetConfigForClient is documented to use the original Config's session\nticket keys unless explicitly overridden. This can cause unexpected\nbehavior if the returned Config modifies authentication parameters, like\nClientCAs: a connection initially established with the parent (or a sibling)\nConfig can be resumed, bypassing the modified authentication requirements.\n\nIf ClientAuth is VerifyClientCertIfGiven or RequireAndVerifyClientCert (on\nthe server) or InsecureSkipVerify is false (on the client), crypto/tls now\nchecks that the root of the previously-verified chain is still in\nClientCAs/RootCAs when resuming a connection.\n\nGo 1.26 Release Candidate 2, Go 1.25.6, and Go 1.24.12 had fixed a similar\nissue related to session ticket keys being implicitly shared by\nConfig.Clone. Since this fix is broader, the Config.Clone behavior change\nhas been reverted.\n\nNote that VerifyPeerCertificate still behaves as documented: it does not\napply to resumed connections. Applications that use\nConfig.GetConfigForClient or Config.Clone and do not wish to blindly resume\nconnections established with the original Config must use VerifyConnection\ninstead (or SetSessionTicketKeys or SessionTicketsDisabled).\n\nFor more details, see the announcement:\nhttps://groups.google.com/g/golang-announce/c/K09ubi9FQFk\n\nSigned-off-by: Peter Korsgaard <peter@korsgaard.com>\n---\n package/go/go.hash | 14 +++++++-------\n package/go/go.mk | 2 +-\n 2 files changed, 8 insertions(+), 8 deletions(-)", "diff": "diff --git a/package/go/go.hash b/package/go/go.hash\nindex 6134ec5f75..9a9a5a571a 100644\n--- a/package/go/go.hash\n+++ b/package/go/go.hash\n@@ -1,9 +1,9 @@\n # sha256 checksum from https://go.dev/dl/\n-sha256 58cbf771e44d76de6f56d19e33b77d745a1e489340922875e46585b975c2b059 go1.25.6.src.tar.gz\n-sha256 59fe62eee3cca65332acef3ebe9b6ff3272467e0a08bf7f68f96334902bf23b9 go1.25.6.linux-386.tar.gz\n-sha256 f022b6aad78e362bcba9b0b94d09ad58c5a70c6ba3b7582905fababf5fe0181a go1.25.6.linux-amd64.tar.gz\n-sha256 738ef87d79c34272424ccdf83302b7b0300b8b096ed443896089306117943dd5 go1.25.6.linux-arm64.tar.gz\n-sha256 679f0e70b27c637116791e3c98afbf8c954deb2cd336364944d014f8e440e2ae go1.25.6.linux-armv6l.tar.gz\n-sha256 bee02dbe034b12b839ae7807a85a61c13bee09ee38f2eeba2074bd26c0c0ab73 go1.25.6.linux-ppc64le.tar.gz\n-sha256 3d97cc5670a0da9cb177037782129f0bf499ecb47abc40488248548abd2c2c35 go1.25.6.linux-s390x.tar.gz\n+sha256 178f2832820274b43e177d32f06a3ebb0129e427dd20a5e4c88df2c1763cf10a go1.25.7.src.tar.gz\n+sha256 2866517e9ca81e6a2e85a930e9b11bc8a05cfeb2fc6dc6cb2765e7fb3c14b715 go1.25.7.linux-386.tar.gz\n+sha256 12e6d6a191091ae27dc31f6efc630e3a3b8ba409baf3573d955b196fdf086005 go1.25.7.linux-amd64.tar.gz\n+sha256 ba611a53534135a81067240eff9508cd7e256c560edd5d8c2fef54f083c07129 go1.25.7.linux-arm64.tar.gz\n+sha256 1ba07e0eb86b839e72467f4b5c7a5597d07f30bcf5563c951410454f7cda5266 go1.25.7.linux-armv6l.tar.gz\n+sha256 42124c0edc92464e2b37b2d7fcd3658f0c47ebd6a098732415a522be8cb88e3f go1.25.7.linux-ppc64le.tar.gz\n+sha256 c6b77facf666dc68195ecab05dbf0ebb4e755b2a8b7734c759880557f1c29b0c go1.25.7.linux-s390x.tar.gz\n sha256 911f8f5782931320f5b8d1160a76365b83aea6447ee6c04fa6d5591467db9dad LICENSE\ndiff --git a/package/go/go.mk b/package/go/go.mk\nindex 91e5fbf347..a9c7d1ddc6 100644\n--- a/package/go/go.mk\n+++ b/package/go/go.mk\n@@ -4,7 +4,7 @@\n #\n ################################################################################\n \n-GO_VERSION = 1.25.6\n+GO_VERSION = 1.25.7\n \n HOST_GO_GOPATH = $(HOST_DIR)/share/go-path\n HOST_GO_HOST_CACHE = $(HOST_DIR)/share/host-go-cache\n", "prefixes": [] }