[pkgsrc/trunk]: pkgsrc/lang Update go110 to 1.10.8 (security).

[bsiegert <bsiegert%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/43ffe7d088f9
branches:  trunk
changeset: 318339:43ffe7d088f9
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Thu Jan 24 09:33:08 2019 +0000

description:
Update go110 to 1.10.8 (security).

This release addresses a recently supported security issue. This DoS
vulnerability in the crypto/elliptic implementations of the P-521 and P-384
elliptic curves may let an attacker craft inputs that consume excessive
amounts of CPU.

These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private
key is reused more than once, the attack can also lead to key recovery.

The issue is CVE-2019-6486 and Go issue golang.org/issue/29903.
See the Go issue for more details.

diffstat:

 lang/go/version.mk  |   4 ++--
 lang/go110/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (36 lines):

diff -r a942f6b1681a -r 43ffe7d088f9 lang/go/version.mk
--- a/lang/go/version.mk        Thu Jan 24 09:31:46 2019 +0000
+++ b/lang/go/version.mk        Thu Jan 24 09:33:08 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: version.mk,v 1.54 2019/01/24 09:26:21 bsiegert Exp $
+# $NetBSD: version.mk,v 1.55 2019/01/24 09:33:08 bsiegert Exp $
 
 CTF_SUPPORTED=         no
 SSP_SUPPORTED=         no
@@ -7,7 +7,7 @@
 .include "../../mk/bsd.prefs.mk"
 
 GO111_VERSION= 1.11.5
-GO110_VERSION= 1.10.7
+GO110_VERSION= 1.10.8
 GO19_VERSION=  1.9.7
 GO14_VERSION=  1.4.3
 GO_VERSION=    ${GO110_VERSION}
diff -r a942f6b1681a -r 43ffe7d088f9 lang/go110/distinfo
--- a/lang/go110/distinfo       Thu Jan 24 09:31:46 2019 +0000
+++ b/lang/go110/distinfo       Thu Jan 24 09:33:08 2019 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.3 2018/12/15 10:23:32 bsiegert Exp $
+$NetBSD: distinfo,v 1.4 2019/01/24 09:33:08 bsiegert Exp $
 
-SHA1 (go1.10.7.src.tar.gz) = d083beabcd3c47b36a93ee7067664d0b1733843f
-RMD160 (go1.10.7.src.tar.gz) = cd28953d0b9a059418b846c487a0b1c2e49b0310
-SHA512 (go1.10.7.src.tar.gz) = 798e0ea053b38f4b4f5a6fbdefb30ad09d95b7e8af424bd5f1aa7856bf7ca4e9c9bbd32926e2936f2b332f88a1980e92e6b61862fd9e779edf64f965fd8d1ffe
-Size (go1.10.7.src.tar.gz) = 18333472 bytes
+SHA1 (go1.10.8.src.tar.gz) = 83b92e77db57fe17e1c09f72464d7097b28cbb78
+RMD160 (go1.10.8.src.tar.gz) = 6448de873a974439bb658362d6aa780c7ec29d21
+SHA512 (go1.10.8.src.tar.gz) = c274b99e39b78dfdf6b6b1c4fd6a5a54bff1b3eba55a879413692586ac7f0d30772416dcb5f715213c650946ade649bd424981f77508d92510c717d1845e3ede
+Size (go1.10.8.src.tar.gz) = 18333813 bytes
 SHA1 (patch-misc_io_clangwrap.sh) = cd91c47ba0fe7b6eb8009dd261c0c26c7d581c29
 SHA1 (patch-src_cmd_dist_util.go) = 24e6f1b6ded842a8ce322a40e8766f7d344bc47e
 SHA1 (patch-src_cmd_link_internal_ld_elf.go) = 7afd0da4734f201c8b885b743e83e5b70ddb0bf0