[pkgsrc/pkgsrc-2018Q4]: pkgsrc/lang Pullup ticket #5905 - requested by bsiegert

[spz <spz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/080f8639d654
branches:  pkgsrc-2018Q4
changeset: 334064:080f8639d654
user:      spz <spz%pkgsrc.org@localhost>
date:      Fri Feb 08 11:30:52 2019 +0000

description:
Pullup ticket #5905 - requested by bsiegert
lang/go110: security update

Revisions pulled up:
- lang/go/version.mk                                            1.55
- lang/go110/distinfo                                           1.4

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Thu Jan 24 09:33:08 UTC 2019

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go110: distinfo

   Log Message:
   Update go110 to 1.10.8 (security).

   This release addresses a recently supported security issue. This DoS
   vulnerability in the crypto/elliptic implementations of the P-521 and P-384
   elliptic curves may let an attacker craft inputs that consume excessive
   amounts of CPU.

   These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
   tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private
   key is reused more than once, the attack can also lead to key recovery.

   The issue is CVE-2019-6486 and Go issue golang.org/issue/29903.
   See the Go issue for more details.


   To generate a diff of this commit:
   cvs rdiff -u -r1.54 -r1.55 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go110/distinfo

diffstat:

 lang/go/version.mk  |   4 ++--
 lang/go110/distinfo |  10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

diffs (36 lines):

diff -r 0b53b4f7611e -r 080f8639d654 lang/go/version.mk
--- a/lang/go/version.mk        Sat Feb 02 04:17:26 2019 +0000
+++ b/lang/go/version.mk        Fri Feb 08 11:30:52 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: version.mk,v 1.53 2018/12/20 17:38:23 jperkin Exp $
+# $NetBSD: version.mk,v 1.53.2.1 2019/02/08 11:30:52 spz Exp $
 
 CTF_SUPPORTED=         no
 SSP_SUPPORTED=         no
@@ -7,7 +7,7 @@
 .include "../../mk/bsd.prefs.mk"
 
 GO111_VERSION= 1.11.4
-GO110_VERSION= 1.10.7
+GO110_VERSION= 1.10.8
 GO19_VERSION=  1.9.7
 GO14_VERSION=  1.4.3
 GO_VERSION=    ${GO110_VERSION}
diff -r 0b53b4f7611e -r 080f8639d654 lang/go110/distinfo
--- a/lang/go110/distinfo       Sat Feb 02 04:17:26 2019 +0000
+++ b/lang/go110/distinfo       Fri Feb 08 11:30:52 2019 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.3 2018/12/15 10:23:32 bsiegert Exp $
+$NetBSD: distinfo,v 1.3.2.1 2019/02/08 11:30:53 spz Exp $
 
-SHA1 (go1.10.7.src.tar.gz) = d083beabcd3c47b36a93ee7067664d0b1733843f
-RMD160 (go1.10.7.src.tar.gz) = cd28953d0b9a059418b846c487a0b1c2e49b0310
-SHA512 (go1.10.7.src.tar.gz) = 798e0ea053b38f4b4f5a6fbdefb30ad09d95b7e8af424bd5f1aa7856bf7ca4e9c9bbd32926e2936f2b332f88a1980e92e6b61862fd9e779edf64f965fd8d1ffe
-Size (go1.10.7.src.tar.gz) = 18333472 bytes
+SHA1 (go1.10.8.src.tar.gz) = 83b92e77db57fe17e1c09f72464d7097b28cbb78
+RMD160 (go1.10.8.src.tar.gz) = 6448de873a974439bb658362d6aa780c7ec29d21
+SHA512 (go1.10.8.src.tar.gz) = c274b99e39b78dfdf6b6b1c4fd6a5a54bff1b3eba55a879413692586ac7f0d30772416dcb5f715213c650946ade649bd424981f77508d92510c717d1845e3ede
+Size (go1.10.8.src.tar.gz) = 18333813 bytes
 SHA1 (patch-misc_io_clangwrap.sh) = cd91c47ba0fe7b6eb8009dd261c0c26c7d581c29
 SHA1 (patch-src_cmd_dist_util.go) = 24e6f1b6ded842a8ce322a40e8766f7d344bc47e
 SHA1 (patch-src_cmd_link_internal_ld_elf.go) = 7afd0da4734f201c8b885b743e83e5b70ddb0bf0