CVS commit: pkgsrc/lang

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/lang
From: "Benny Siegert" <bsiegert%netbsd.org@localhost>
Date: Tue, 13 Jul 2021 10:12:00 +0000

Module Name:    pkgsrc
Committed By:   bsiegert
Date:           Tue Jul 13 10:12:00 UTC 2021

Modified Files:
        pkgsrc/lang/go: version.mk
        pkgsrc/lang/go116: Makefile PLIST distinfo

Log Message:
Update go116 to 1.16.6.

This minor release includes a security fix according to the new security policy.

crypto/tls clients can panic when provided a certificate of the wrong type for
the negotiated parameters. net/http clients performing HTTPS requests are also
affected. The panic can be triggered by an attacker in a privileged network
position without access to the server certificate's private key, as long as a
trusted ECDSA or Ed25519 certificate for the server exists (or can be issued),
or the client is configured with Config.InsecureSkipVerify. Clients that
disable all TLS_RSA cipher suites (that is, TLS 1.0–1.2 cipher
suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.

This is issue 47143 and CVE-2021-34558. Thanks to Imre Rad for reporting this
issue.


To generate a diff of this commit:
cvs rdiff -u -r1.121 -r1.122 pkgsrc/lang/go/version.mk
cvs rdiff -u -r1.5 -r1.6 pkgsrc/lang/go116/Makefile
cvs rdiff -u -r1.6 -r1.7 pkgsrc/lang/go116/PLIST
cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/go116/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/lang/go/version.mk
diff -u pkgsrc/lang/go/version.mk:1.121 pkgsrc/lang/go/version.mk:1.122
--- pkgsrc/lang/go/version.mk:1.121     Tue Jul 13 10:05:08 2021
+++ pkgsrc/lang/go/version.mk   Tue Jul 13 10:12:00 2021
@@ -1,4 +1,4 @@
-# $NetBSD: version.mk,v 1.121 2021/07/13 10:05:08 bsiegert Exp $
+# $NetBSD: version.mk,v 1.122 2021/07/13 10:12:00 bsiegert Exp $
 
 #
 # If bsd.prefs.mk is included before go-package.mk in a package, then this
@@ -6,7 +6,7 @@
 #
 .include "go-vars.mk"
 
-GO116_VERSION= 1.16.5
+GO116_VERSION= 1.16.6
 GO115_VERSION= 1.15.14
 GO110_VERSION= 1.10.8
 GO19_VERSION=  1.9.7

Index: pkgsrc/lang/go116/Makefile
diff -u pkgsrc/lang/go116/Makefile:1.5 pkgsrc/lang/go116/Makefile:1.6
--- pkgsrc/lang/go116/Makefile:1.5      Mon May 24 19:52:33 2021
+++ pkgsrc/lang/go116/Makefile  Tue Jul 13 10:12:00 2021
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.5 2021/05/24 19:52:33 wiz Exp $
+# $NetBSD: Makefile,v 1.6 2021/07/13 10:12:00 bsiegert Exp $
 
-PKGREVISION= 1
 .include "../../lang/go/version.mk"
 .include "../../lang/go/bootstrap.mk"
 

Index: pkgsrc/lang/go116/PLIST
diff -u pkgsrc/lang/go116/PLIST:1.6 pkgsrc/lang/go116/PLIST:1.7
--- pkgsrc/lang/go116/PLIST:1.6 Sat Jun  5 12:40:07 2021
+++ pkgsrc/lang/go116/PLIST     Tue Jul 13 10:12:00 2021
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.6 2021/06/05 12:40:07 bsiegert Exp $
+@comment $NetBSD: PLIST,v 1.7 2021/07/13 10:12:00 bsiegert Exp $
 bin/go${GOVERSSUFFIX}
 bin/gofmt${GOVERSSUFFIX}
 go116/AUTHORS
@@ -9194,6 +9194,9 @@ go116/test/fixedbugs/issue4618.go
 go116/test/fixedbugs/issue4620.go
 go116/test/fixedbugs/issue4654.go
 go116/test/fixedbugs/issue4663.go
+go116/test/fixedbugs/issue46653.dir/bad/bad.go
+go116/test/fixedbugs/issue46653.dir/main.go
+go116/test/fixedbugs/issue46653.go
 go116/test/fixedbugs/issue4667.go
 go116/test/fixedbugs/issue4734.go
 go116/test/fixedbugs/issue4748.go

Index: pkgsrc/lang/go116/distinfo
diff -u pkgsrc/lang/go116/distinfo:1.8 pkgsrc/lang/go116/distinfo:1.9
--- pkgsrc/lang/go116/distinfo:1.8      Sat Jun  5 12:40:07 2021
+++ pkgsrc/lang/go116/distinfo  Tue Jul 13 10:12:00 2021
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.8 2021/06/05 12:40:07 bsiegert Exp $
+$NetBSD: distinfo,v 1.9 2021/07/13 10:12:00 bsiegert Exp $
 
-SHA1 (go1.16.5.src.tar.gz) = b3d00525ea5af180149fafca8da730c6f988f29f
-RMD160 (go1.16.5.src.tar.gz) = dfbe9538c56f60215d699b611aac1db182751e5c
-SHA512 (go1.16.5.src.tar.gz) = ba90ce1f3faa39519eb5437009c4b710b493e42764a14b0821292a8a17b714fe5985ef20e6e3c340f71cb521ff63d45a23570d38fd752526a1262448c641d544
-Size (go1.16.5.src.tar.gz) = 20921372 bytes
+SHA1 (go1.16.6.src.tar.gz) = 047772552a78bb6d20682425e38d43dc4d94ad3f
+RMD160 (go1.16.6.src.tar.gz) = 9e8e85819c17977d8b4ffbe6afe8fa00d2946269
+SHA512 (go1.16.6.src.tar.gz) = 82634763dce636c9e9cba1bbf74a669e8b88e6df095e80672f295edb82cc1fc4b8ffde91a1f56c3470f2c4d9ee0404f65146d7478b645890623f6c463513a61f
+Size (go1.16.6.src.tar.gz) = 20923044 bytes
 SHA1 (patch-misc_ios_clangwrap.sh) = 0a06403609cb7bce2e6f65444fd322f486761afe
 SHA1 (patch-src_cmd_dist_util.go) = 24e6f1b6ded842a8ce322a40e8766f7d344bc47e
 SHA1 (patch-src_crypto_x509_root__bsd.go) = 27636e0d8c121ccec6c46a3a82cd0e0469473a6e

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/doc
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/doc
Indexes:

Home | Main Index | Thread Index | Old Index