Tags: onsole/go-image
Tags
go.mod: update golang.org/x dependencies Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: Ie0bb31bf2e0ecfda35de664bca8b74cafe3b61bf Reviewed-on: https://go-review.googlesource.com/c/image/+/482775 Run-TryBot: Gopher Robot <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Carlos Amedee <[email protected]> Auto-Submit: Gopher Robot <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]>
go.mod: update golang.org/x dependencies Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: I4b93f43a856da6cae7427a722a379231614f6683 Reviewed-on: https://go-review.googlesource.com/c/image/+/473436 Auto-Submit: Gopher Robot <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Run-TryBot: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]>
tiff: don't pre-allocate giant slices before reading Use a copy of the standard libraries internal/saferio.ReadDataAt func to create/read slices which have lengths supplied by the header. This avoids allocating giant slices which we then learn there are not enough bytes in the reader to fill. This makes DecodeConfig safe to use to determine if the image is of a reasonable size to call Decode on. This was found by the ngolo-fuzzing project running on OSS-Fuzz and reported by Philippe Antoine (Catena cyber). Fixes golang/go#58003 Fixes CVE-2022-41727 Change-Id: Iae53f78b840f3b8dbeab37fba8c0164054cbb4ed Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/1680712 Reviewed-by: Damien Neil <[email protected]> TryBot-Result: Security TryBots <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> Reviewed-by: Julie Qiu <[email protected]> Reviewed-on: https://go-review.googlesource.com/c/image/+/468195 Auto-Submit: Roland Shoemaker <[email protected]> Run-TryBot: Roland Shoemaker <[email protected]> TryBot-Result: Gopher Robot <[email protected]>
go.mod: update golang.org/x dependencies Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: I044d45ec21f5032086f9beeb1a9825487aa3dee9 Reviewed-on: https://go-review.googlesource.com/c/image/+/466596 Run-TryBot: Gopher Robot <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Auto-Submit: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]>
go.mod: update golang.org/x dependencies Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: I6407536de0d39d8c3c4600e8d32bf77ea98e52b6 Reviewed-on: https://go-review.googlesource.com/c/image/+/460495 Auto-Submit: Gopher Robot <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Run-TryBot: Gopher Robot <[email protected]>
go.mod: update golang.org/x dependencies Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: I6c9514d0f8db12db1ec99d534b73963d55446ee7 Reviewed-on: https://go-review.googlesource.com/c/image/+/455295 Reviewed-by: Dmitri Shuralyov <[email protected]> Auto-Submit: Gopher Robot <[email protected]> Run-TryBot: Gopher Robot <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]>
go.mod: update golang.org/x dependencies Update golang.org/x dependencies to their latest tagged versions. Once this CL is submitted, and post-submit testing succeeds on all first-class ports across all supported Go versions, this repository will be tagged with its next minor version. Change-Id: I65f153d436a7ab27b6f6fd810736f3e027f4f169 Reviewed-on: https://go-review.googlesource.com/c/image/+/443416 Reviewed-by: Dmitri Shuralyov <[email protected]> Reviewed-by: Dmitri Shuralyov <[email protected]> Run-TryBot: Gopher Robot <[email protected]> Reviewed-by: Heschi Kreinick <[email protected]> Auto-Submit: Gopher Robot <[email protected]> TryBot-Result: Gopher Robot <[email protected]>