[pkgsrc/trunk]: pkgsrc/lang Update go116 to 1.16.15.

[bsiegert <bsiegert%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/d470595962eb
branches:  trunk
changeset: 375062:d470595962eb
user:      bsiegert <bsiegert%pkgsrc.org@localhost>
date:      Sun Mar 06 09:53:43 2022 +0000

description:
Update go116 to 1.16.15.

This minor release includes a security fix following the security policy:

regexp: stack exhaustion compiling deeply nested expressions

On 64-bit platforms, an extremely deeply nested expression can cause
regexp.Compile to cause goroutine stack exhaustion, forcing the program to
exit. Note this applies to very large expressions, on the order of 2MB.

Thanks to Juho Nurminen of Mattermost for reporting this.

This is CVE-2022-24921 and https://go.dev/issue/51112.

diffstat:

 lang/go/version.mk  |  4 ++--
 lang/go116/PLIST    |  3 ++-
 lang/go116/distinfo |  8 ++++----
 3 files changed, 8 insertions(+), 7 deletions(-)

diffs (51 lines):

diff -r cdc62a5bbf05 -r d470595962eb lang/go/version.mk
--- a/lang/go/version.mk        Sun Mar 06 09:34:06 2022 +0000
+++ b/lang/go/version.mk        Sun Mar 06 09:53:43 2022 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: version.mk,v 1.141 2022/02/12 20:14:01 bsiegert Exp $
+# $NetBSD: version.mk,v 1.142 2022/03/06 09:53:43 bsiegert Exp $
 
 #
 # If bsd.prefs.mk is included before go-package.mk in a package, then this
@@ -7,7 +7,7 @@
 .include "go-vars.mk"
 
 GO117_VERSION= 1.17.7
-GO116_VERSION= 1.16.14
+GO116_VERSION= 1.16.15
 GO110_VERSION= 1.10.8
 GO19_VERSION=  1.9.7
 GO14_VERSION=  1.4.3
diff -r cdc62a5bbf05 -r d470595962eb lang/go116/PLIST
--- a/lang/go116/PLIST  Sun Mar 06 09:34:06 2022 +0000
+++ b/lang/go116/PLIST  Sun Mar 06 09:53:43 2022 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.12 2022/02/12 19:52:40 bsiegert Exp $
+@comment $NetBSD: PLIST,v 1.13 2022/03/06 09:53:43 bsiegert Exp $
 bin/go${GOVERSSUFFIX}
 bin/gofmt${GOVERSSUFFIX}
 go116/AUTHORS
@@ -9237,6 +9237,7 @@
 go116/test/fixedbugs/issue5105.dir/a.go
 go116/test/fixedbugs/issue5105.dir/b.go
 go116/test/fixedbugs/issue5105.go
+go116/test/fixedbugs/issue51101.go
 go116/test/fixedbugs/issue5125.dir/bug.go
 go116/test/fixedbugs/issue5125.dir/main.go
 go116/test/fixedbugs/issue5125.go
diff -r cdc62a5bbf05 -r d470595962eb lang/go116/distinfo
--- a/lang/go116/distinfo       Sun Mar 06 09:34:06 2022 +0000
+++ b/lang/go116/distinfo       Sun Mar 06 09:53:43 2022 +0000
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.20 2022/02/12 19:52:40 bsiegert Exp $
+$NetBSD: distinfo,v 1.21 2022/03/06 09:53:43 bsiegert Exp $
 
-BLAKE2s (go1.16.14.src.tar.gz) = 4cea58059f72e37c0d72513211f901f2fbe3c9956fb361d2bf82eae389556c7d
-SHA512 (go1.16.14.src.tar.gz) = cd613d94d3c476a61bf9c3a7bb4f6f6c55a2b5c2732837e31bff4ca1f96941e42b2daa39ce3a8fced1a3808206c9711fc1c6cfe8c950b93b18179116478eef4e
-Size (go1.16.14.src.tar.gz) = 20932846 bytes
+BLAKE2s (go1.16.15.src.tar.gz) = 78b23f96c75e8b159b3f49ff49c7f1930890d88815865bfb2906a70634cf6290
+SHA512 (go1.16.15.src.tar.gz) = 5b7fd234e6eb3db173ec536ac599a8c640eb4b0e8abeb16f7728efb6d7c927c41a7e8631505ba6983f565f0470a37458e60d8df33089f7ab773c250b44413e66
+Size (go1.16.15.src.tar.gz) = 20936353 bytes
 SHA1 (patch-misc_ios_clangwrap.sh) = 0a06403609cb7bce2e6f65444fd322f486761afe
 SHA1 (patch-src_cmd_dist_util.go) = 24e6f1b6ded842a8ce322a40e8766f7d344bc47e
 SHA1 (patch-src_crypto_x509_root__bsd.go) = 27636e0d8c121ccec6c46a3a82cd0e0469473a6e