[pkgsrc/trunk]: pkgsrc/lang Update go112 to 1.12.10.

To: pkgsrc-changes-hg%NetBSD.org@localhost
Subject: [pkgsrc/trunk]: pkgsrc/lang Update go112 to 1.12.10.
From: bsiegert <bsiegert%pkgsrc.org@localhost>
Date: Sun, 29 Sep 2019 06:25:46 +0000

details:   https://anonhg.NetBSD.org/pkgsrc/rev/babe13527d7c
branches:  trunk
changeset: 340216:babe13527d7c
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Thu Sep 26 18:36:46 2019 +0000

description:
Update go112 to 1.12.10.

Commit ok'd by wiz@ for PMC.

Go 1.12.10:

net/http (through net/textproto) used to accept and normalize invalid
HTTP/1.1 headers with a space before the colon, in violation of RFC 7230. If
a Go server is used behind an uncommon reverse proxy that accepts and
forwards but doesn't normalize such invalid headers, the reverse proxy and
the server can interpret the headers differently. This can lead to filter
bypasses or request smuggling, the latter if requests from separate clients
are multiplexed onto the same upstream connection by the proxy. Such invalid
headers are now rejected by Go servers, and passed without normalization to
Go client applications.

The issue is CVE-2019-16276 and Go issue golang.org/issue/34540.

Go 1.12.9:

go1.12.9 (released 2019/08/15) includes fixes to the linker, and the os and
math/big packages. See the Go 1.12.9 milestone on our issue tracker for
details.

diffstat:

 lang/go/version.mk  |   4 ++--
 lang/go112/PLIST    |   5 ++++-
 lang/go112/distinfo |  10 +++++-----
 3 files changed, 11 insertions(+), 8 deletions(-)

diffs (62 lines):

diff -r b0fc12cab806 -r babe13527d7c lang/go/version.mk
--- a/lang/go/version.mk        Thu Sep 26 14:52:49 2019 +0000
+++ b/lang/go/version.mk        Thu Sep 26 18:36:46 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: version.mk,v 1.68 2019/09/17 04:39:20 dbj Exp $
+# $NetBSD: version.mk,v 1.69 2019/09/26 18:36:46 bsiegert Exp $
 
 CTF_SUPPORTED=         no
 SSP_SUPPORTED=         no
@@ -6,7 +6,7 @@
 
 .include "../../mk/bsd.prefs.mk"
 
-GO112_VERSION= 1.12.8
+GO112_VERSION= 1.12.10
 GO111_VERSION= 1.11.13
 GO110_VERSION= 1.10.8
 GO19_VERSION=  1.9.7
diff -r b0fc12cab806 -r babe13527d7c lang/go112/PLIST
--- a/lang/go112/PLIST  Thu Sep 26 14:52:49 2019 +0000
+++ b/lang/go112/PLIST  Thu Sep 26 18:36:46 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.6 2019/07/14 15:19:55 bsiegert Exp $
+@comment $NetBSD: PLIST,v 1.7 2019/09/26 18:36:46 bsiegert Exp $
 bin/go${GOVERSSUFFIX}
 bin/gofmt${GOVERSSUFFIX}
 go112/AUTHORS
@@ -549,6 +549,8 @@
 go112/misc/cgo/testshared/src/implicit/implicit.go
 go112/misc/cgo/testshared/src/implicitcmd/implicitcmd.go
 go112/misc/cgo/testshared/src/issue25065/a.go
+go112/misc/cgo/testshared/src/issue30768/issue30768lib/lib.go
+go112/misc/cgo/testshared/src/issue30768/x_test.go
 go112/misc/cgo/testshared/src/trivial/trivial.go
 go112/misc/cgo/testsigfwd/main.go
 go112/misc/cgo/testso/cgoso.c
@@ -8356,6 +8358,7 @@
 go112/test/fixedbugs/issue32560.go
 go112/test/fixedbugs/issue32680.go
 go112/test/fixedbugs/issue32680.out
+go112/test/fixedbugs/issue33555.go
 go112/test/fixedbugs/issue3552.dir/one.go
 go112/test/fixedbugs/issue3552.dir/two.go
 go112/test/fixedbugs/issue3552.go
diff -r b0fc12cab806 -r babe13527d7c lang/go112/distinfo
--- a/lang/go112/distinfo       Thu Sep 26 14:52:49 2019 +0000
+++ b/lang/go112/distinfo       Thu Sep 26 18:36:46 2019 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.6 2019/08/14 15:42:52 bsiegert Exp $
+$NetBSD: distinfo,v 1.7 2019/09/26 18:36:46 bsiegert Exp $
 
-SHA1 (go1.12.8.src.tar.gz) = f8f35a7af2795b721d62578b55f43ce638db90db
-RMD160 (go1.12.8.src.tar.gz) = e620fc04e023d88e534c32e6c8334d5c49fbdb87
-SHA512 (go1.12.8.src.tar.gz) = 193a9b08752aa2479c19f5b56fdfe2296c7e6097e0c583290f0fce754ac7571e2ff345f66b69774d8e22f2caa147a3dc15658148017b09e5e7f49fd4569373d4
-Size (go1.12.8.src.tar.gz) = 21978756 bytes
+SHA1 (go1.12.10.src.tar.gz) = 6c11be6b4cef09457b2567bd078a203fad19d675
+RMD160 (go1.12.10.src.tar.gz) = cc0a112d2a6110af11a44a317954eeab428b5c1b
+SHA512 (go1.12.10.src.tar.gz) = 9d40cf8d71daffe43f5872597b316cd1150ae640d852ff0f0be3126cc7bb40b9a0290bb02d7fabdf808f40ab3f67a56d2eaeba3b32299fa9b0a3df03899f6ac2
+Size (go1.12.10.src.tar.gz) = 21980044 bytes
 SHA1 (patch-misc_io_clangwrap.sh) = cd91c47ba0fe7b6eb8009dd261c0c26c7d581c29
 SHA1 (patch-src_cmd_dist_util.go) = 24e6f1b6ded842a8ce322a40e8766f7d344bc47e
 SHA1 (patch-src_cmd_link_internal_ld_elf.go) = 990a54e3baf239916e4c7f0c1d54240e2898601a

Prev by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated www/php-glpi to 9.4.4
Next by Date: [pkgsrc/trunk]: pkgsrc/doc doc: Updated lang/go112 to 1.12.10
Previous by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated www/php-glpi to 9.4.4
Next by Thread: [pkgsrc/trunk]: pkgsrc/doc doc: Updated lang/go112 to 1.12.10
Indexes:

Home | Main Index | Thread Index | Old Index