pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/lang/go SECURITY: Update Go to 1.8.2, fixing CVE-2017-...
details: https://anonhg.NetBSD.org/pkgsrc/rev/2020848e6350
branches: trunk
changeset: 362782:2020848e6350
user: bsiegert <bsiegert%pkgsrc.org@localhost>
date: Thu May 25 09:06:43 2017 +0000
description:
SECURITY: Update Go to 1.8.2, fixing CVE-2017-8932,
carry bug in x86-64 P-256.
A security-related issue was recently reported in Go's crypto/elliptic package.
To address this issue, we have just released Go 1.7.6 and Go 1.8.2.
The Go team would like to thank Vlad Krasnov and Filippo Valsorda at Cloudflare
for reporting the issue and providing a fix.
The issue affects Go's P-256 implementation on the 64-bit x86 architecture.
This is CVE-2017-8932 and was addressed by this change:
https://golang.org/cl/41070, tracked in this issue:
https://golang.org/issue/20040
diffstat:
lang/go/Makefile | 3 +--
lang/go/distinfo | 10 +++++-----
lang/go/version.mk | 4 ++--
3 files changed, 8 insertions(+), 9 deletions(-)
diffs (47 lines):
diff -r 250aebaf7b52 -r 2020848e6350 lang/go/Makefile
--- a/lang/go/Makefile Thu May 25 07:50:01 2017 +0000
+++ b/lang/go/Makefile Thu May 25 09:06:43 2017 +0000
@@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.51 2017/05/02 17:15:31 fhajny Exp $
+# $NetBSD: Makefile,v 1.52 2017/05/25 09:06:43 bsiegert Exp $
.include "version.mk"
DISTNAME= go${GO_VERSION}.src
PKGNAME= go-${GO_VERSION}
-PKGREVISION= 2
CATEGORIES= lang
MASTER_SITES= https://storage.googleapis.com/golang/
diff -r 250aebaf7b52 -r 2020848e6350 lang/go/distinfo
--- a/lang/go/distinfo Thu May 25 07:50:01 2017 +0000
+++ b/lang/go/distinfo Thu May 25 09:06:43 2017 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.48 2017/05/19 18:50:41 fhajny Exp $
+$NetBSD: distinfo,v 1.49 2017/05/25 09:06:43 bsiegert Exp $
-SHA1 (go1.8.1.src.tar.gz) = 0c4b7116bd6b7cdc19bdcf8336c75eae4620907b
-RMD160 (go1.8.1.src.tar.gz) = c0251b667a9c34f9dd180aeb8c4c9dce5832b9eb
-SHA512 (go1.8.1.src.tar.gz) = f01fe7b35ac23101610f6fc169b88dafe2edc49b3b044d5d0aff771b05dcb2c8d2e7a5090ed6dbe67f861e78e792ace32e209ed464399ca02dcd186b13ec8037
-Size (go1.8.1.src.tar.gz) = 15331455 bytes
+SHA1 (go1.8.2.src.tar.gz) = ee6f3a670bdabdd1c5aee5c7473c85c5bd10b851
+RMD160 (go1.8.2.src.tar.gz) = 90c7227fcc9a593c52e77126e9350b4707fd5376
+SHA512 (go1.8.2.src.tar.gz) = 7e4f5f9db9134d1d257a8573c3fd58d6c9d30975ef44a91072bcdb8884d87f0030d918f6bc16e06847d95b2d35c4d8b541d5c9023eadd12da44d9794b3c30e68
+Size (go1.8.2.src.tar.gz) = 15331437 bytes
SHA1 (patch-lib_time_update.bash) = bcf565b97ae7898a9e5cef7686fe42c69bc0bba1
SHA1 (patch-misc_io_clangwrap.sh) = cd91c47ba0fe7b6eb8009dd261c0c26c7d581c29
SHA1 (patch-src_crypto_x509_root__bsd.go) = 0eca1eafa967268ae9b224be4aeda347ebc91901
diff -r 250aebaf7b52 -r 2020848e6350 lang/go/version.mk
--- a/lang/go/version.mk Thu May 25 07:50:01 2017 +0000
+++ b/lang/go/version.mk Thu May 25 09:06:43 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: version.mk,v 1.25 2017/04/30 23:02:09 maya Exp $
+# $NetBSD: version.mk,v 1.26 2017/05/25 09:06:43 bsiegert Exp $
.include "../../mk/bsd.prefs.mk"
-GO_VERSION= 1.8.1
+GO_VERSION= 1.8.2
GO14_VERSION= 1.4.3
ONLY_FOR_PLATFORM= *-*-i386 *-*-x86_64 *-*-*arm*
Home |
Main Index |
Thread Index |
Old Index