go, branch go1.11.11

[release-branch.go1.11] go1.11.11

2019-06-11T18:11:11Z

Change-Id: If078ff25a79a18429e3383207eae32bb9c8aec12 Reviewed-on: https://go-review.googlesource.com/c/go/+/181657 Reviewed-by: Katie Hockman Reviewed-by: Filippo Valsorda Run-TryBot: Dmitri Shuralyov TryBot-Result: Gobot Gobot

[release-branch.go1.11] doc: document Go 1.11.11

2019-06-11T00:27:41Z

Change-Id: I1c3e3305dfee4545a6caedd48243770ab3b28277 Reviewed-on: https://go-review.googlesource.com/c/go/+/181550 Reviewed-by: Filippo Valsorda (cherry picked from commit 55453016979124e18d3afb53c9df1590877a3b53) Reviewed-on: https://go-review.googlesource.com/c/go/+/181597

[release-branch.go1.11] crypto/x509: fix value ownership in isSSLPolicy on macOS

2019-06-07T20:50:08Z

CFDictionaryGetValueIfPresent does not take ownership of the value, so releasing the properties dictionary before passing the value to CFEqual can crash. Not really clear why this works most of the time. See https://developer.apple.com/library/archive/documentation/CoreFoundation/Conceptual/CFMemoryMgmt/Concepts/Ownership.html Fixes #32281 Updates #28092 Updates #30763 Change-Id: I5ee7ca276b753a48abc3aedfb78b8af68b448dd4 Reviewed-on: https://go-review.googlesource.com/c/go/+/178537 Reviewed-by: Adam Langley (cherry picked from commit a3d4655c2435e3777c45f09650539b943bab1c66) Reviewed-on: https://go-review.googlesource.com/c/go/+/179340 Run-TryBot: Dmitri Shuralyov TryBot-Result: Gobot Gobot Reviewed-by: Dmitri Shuralyov

[release-branch.go1.11] go1.11.10

2019-05-06T20:50:17Z

Change-Id: Id0cb0233c689fd97aa37870126d19b472bd1b85d Reviewed-on: https://go-review.googlesource.com/c/go/+/175445 Run-TryBot: Andrew Bonventre Reviewed-by: Brad Fitzpatrick TryBot-Result: Gobot Gobot

[release-branch.go1.11] doc: document Go 1.11.10

2019-05-06T20:11:22Z

Change-Id: Icca4495f727e3921b717a4bbb441cd832d321d46 Reviewed-on: https://go-review.googlesource.com/c/go/+/175439 Reviewed-by: Brad Fitzpatrick (cherry picked from commit e1f9e701be094741b234320cc49b8776cce27c3f) Reviewed-on: https://go-review.googlesource.com/c/go/+/175442 Reviewed-by: Andrew Bonventre

[release-branch.go1.11] runtime: safely load DLLs

2019-05-06T19:24:43Z

While many other call sites have been moved to using the proper higher-level system loading, these areas were left out. This prevents DLL directory injection attacks. This includes both the runtime load calls (using LoadLibrary prior) and the implicitly linked ones via cgo_import_dynamic, which we move to our LoadLibraryEx. The goal is to only loosely load kernel32.dll and strictly load all others. Meanwhile we make sure that we never fallback to insecure loading on older or unpatched systems. This is CVE-2019-9634. Fixes #30989 Updates #14959 Updates #28978 Updates #30642 Change-Id: I401a13ed8db248ab1bb5039bf2d31915cac72b93 Reviewed-on: https://go-review.googlesource.com/c/go/+/165798 Run-TryBot: Brad Fitzpatrick TryBot-Result: Gobot Gobot Reviewed-by: Alex Brainman (cherry picked from commit 9b6e9f0c8c66355c0f0575d808b32f52c8c6d21c) Reviewed-on: https://go-review.googlesource.com/c/go/+/175378 Run-TryBot: Dmitri Shuralyov Reviewed-by: Andrew Bonventre

[release-branch.go1.11] cmd/link: require cgo support for TestSectionsWithSameName

2019-04-22T01:20:16Z

The test doesn't really require cgo, but it does require that we know the right flags to use to run the C compiler, and that is not necessarily correct if we don't support cgo. Fixes #31565 Change-Id: I04dc8db26697caa470e91ad712376aa621cf765d Reviewed-on: https://go-review.googlesource.com/c/go/+/172981 Run-TryBot: Ian Lance Taylor Reviewed-by: Brad Fitzpatrick TryBot-Result: Gobot Gobot (cherry picked from commit 4c236b9b097882f3aef8116e1ac9f65463bf6f01) Reviewed-on: https://go-review.googlesource.com/c/go/+/173118

[release-branch.go1.11] cmd/link: don't fail if multiple ELF sections have the same name

2019-04-18T15:46:21Z

New versions of clang can generate multiple sections named ".text" when using vague C++ linkage. This is valid ELF, but would cause the Go linker to report an error when using internal linking: symbol PACKAGEPATH(.text) listed multiple times Avoid the problem by renaming section symbol names if there is a name collision. Change-Id: I41127e95003d5b4554aaf849177b3fe000382c02 Reviewed-on: https://go-review.googlesource.com/c/go/+/172697 Run-TryBot: Ian Lance Taylor TryBot-Result: Gobot Gobot Reviewed-by: Cherry Zhang (cherry picked from commit 3235f7c0720338a160debe6e9c632b8af968b4dd) Reviewed-on: https://go-review.googlesource.com/c/go/+/172702

[release-branch.go1.11] go1.11.9

2019-04-11T23:31:23Z

Change-Id: If4ab7c431f11a2d3db677b323dd85e0e8ce6de03 Reviewed-on: https://go-review.googlesource.com/c/go/+/171837 Run-TryBot: Andrew Bonventre TryBot-Result: Gobot Gobot Reviewed-by: Brad Fitzpatrick

[release-branch.go1.11] doc: document Go 1.11.9

2019-04-11T21:32:00Z

Updates #31293 Change-Id: I3d72f732be7b28059310ea6fc134c3bfac81492d Reviewed-on: https://go-review.googlesource.com/c/go/+/171578 Reviewed-by: Dmitri Shuralyov (cherry picked from commit ab2a0803383f0f019db0b2252095f2fdb7735cea) Reviewed-on: https://go-review.googlesource.com/c/go/+/171767 Reviewed-by: Bryan C. Mills