- The Go memory model has been revised to align Go with + The Go memory model has been + revised to align Go with the memory model used by C, C++, Java, JavaScript, Rust, and Swift. Go only provides sequentially consistent atomics, not any of the more relaxed forms found in other languages. Along with the memory model update, @@ -378,11 +379,17 @@ as well as support for rendering them to HTML, Markdown, and text.
The Prime
- implementation was simplified. This will lead to different outputs for the
- same random stream compared to the previous implementation. The internals
- of Prime are not stable, should not be relied upon not to
- change, and the output is now intentionally non-deterministic with respect
- to the input stream.
+ implementation was changed to use only rejection sampling,
+ which removes a bias when generating small primes in non-cryptographic contexts,
+ removes one possible minor timing leak,
+ and better aligns the behavior with BoringSSL,
+ all while simplifying the implementation.
+ The change does produce different outputs for a given random source
+ stream compared to the previous implementation,
+ which can break tests written expecting specific results from
+ specific deterministic random sources.
+ To help prevent such problems in the future,
+ the implementation is now intentionally non-deterministic with respect to the input stream.
- The tls10default GODEBUG option has been
+ The GODEBUG option tls10default=1 has been
removed. It is still possible to enable TLS 1.0 client-side by setting
Config.MinVersion.
- Removal of the x509sha1=1 GODEBUG option,
+ Removal of the GODEBUG optionx509sha1=1,
originally planned for Go 1.19, has been rescheduled to a future release.
Applications using it should work on migrating. Practical attacks against
SHA-1 have been demonstrated since 2017 and publicly trusted Certificate