[pkgsrc/trunk]: pkgsrc/lang/go SECURITY: Update Go to 1.8.2, fixing CVE-2017-...

[bsiegert <bsiegert%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/2020848e6350
branches:  trunk
changeset: 362782:2020848e6350
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Thu May 25 09:06:43 2017 +0000

description:
SECURITY: Update Go to 1.8.2, fixing CVE-2017-8932,
carry bug in x86-64 P-256.

A security-related issue was recently reported in Go's crypto/elliptic package.
To address this issue, we have just released Go 1.7.6 and Go 1.8.2.

The Go team would like to thank Vlad Krasnov and Filippo Valsorda at Cloudflare
for reporting the issue and providing a fix.

The issue affects Go's P-256 implementation on the 64-bit x86 architecture.

This is CVE-2017-8932 and was addressed by this change:
https://golang.org/cl/41070, tracked in this issue:
https://golang.org/issue/20040

diffstat:

 lang/go/Makefile   |   3 +--
 lang/go/distinfo   |  10 +++++-----
 lang/go/version.mk |   4 ++--
 3 files changed, 8 insertions(+), 9 deletions(-)

diffs (47 lines):

diff -r 250aebaf7b52 -r 2020848e6350 lang/go/Makefile
--- a/lang/go/Makefile  Thu May 25 07:50:01 2017 +0000
+++ b/lang/go/Makefile  Thu May 25 09:06:43 2017 +0000
@@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.51 2017/05/02 17:15:31 fhajny Exp $
+# $NetBSD: Makefile,v 1.52 2017/05/25 09:06:43 bsiegert Exp $
 
 .include "version.mk"
 
 DISTNAME=      go${GO_VERSION}.src
 PKGNAME=       go-${GO_VERSION}
-PKGREVISION=   2
 CATEGORIES=    lang
 MASTER_SITES=  https://storage.googleapis.com/golang/
 
diff -r 250aebaf7b52 -r 2020848e6350 lang/go/distinfo
--- a/lang/go/distinfo  Thu May 25 07:50:01 2017 +0000
+++ b/lang/go/distinfo  Thu May 25 09:06:43 2017 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.48 2017/05/19 18:50:41 fhajny Exp $
+$NetBSD: distinfo,v 1.49 2017/05/25 09:06:43 bsiegert Exp $
 
-SHA1 (go1.8.1.src.tar.gz) = 0c4b7116bd6b7cdc19bdcf8336c75eae4620907b
-RMD160 (go1.8.1.src.tar.gz) = c0251b667a9c34f9dd180aeb8c4c9dce5832b9eb
-SHA512 (go1.8.1.src.tar.gz) = f01fe7b35ac23101610f6fc169b88dafe2edc49b3b044d5d0aff771b05dcb2c8d2e7a5090ed6dbe67f861e78e792ace32e209ed464399ca02dcd186b13ec8037
-Size (go1.8.1.src.tar.gz) = 15331455 bytes
+SHA1 (go1.8.2.src.tar.gz) = ee6f3a670bdabdd1c5aee5c7473c85c5bd10b851
+RMD160 (go1.8.2.src.tar.gz) = 90c7227fcc9a593c52e77126e9350b4707fd5376
+SHA512 (go1.8.2.src.tar.gz) = 7e4f5f9db9134d1d257a8573c3fd58d6c9d30975ef44a91072bcdb8884d87f0030d918f6bc16e06847d95b2d35c4d8b541d5c9023eadd12da44d9794b3c30e68
+Size (go1.8.2.src.tar.gz) = 15331437 bytes
 SHA1 (patch-lib_time_update.bash) = bcf565b97ae7898a9e5cef7686fe42c69bc0bba1
 SHA1 (patch-misc_io_clangwrap.sh) = cd91c47ba0fe7b6eb8009dd261c0c26c7d581c29
 SHA1 (patch-src_crypto_x509_root__bsd.go) = 0eca1eafa967268ae9b224be4aeda347ebc91901
diff -r 250aebaf7b52 -r 2020848e6350 lang/go/version.mk
--- a/lang/go/version.mk        Thu May 25 07:50:01 2017 +0000
+++ b/lang/go/version.mk        Thu May 25 09:06:43 2017 +0000
@@ -1,8 +1,8 @@
-# $NetBSD: version.mk,v 1.25 2017/04/30 23:02:09 maya Exp $
+# $NetBSD: version.mk,v 1.26 2017/05/25 09:06:43 bsiegert Exp $
 
 .include "../../mk/bsd.prefs.mk"
 
-GO_VERSION=    1.8.1
+GO_VERSION=    1.8.2
 GO14_VERSION=  1.4.3
 
 ONLY_FOR_PLATFORM=     *-*-i386 *-*-x86_64 *-*-*arm*