pkgsrc-Changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
CVS commit: pkgsrc/lang
Module Name: pkgsrc
Committed By: bsiegert
Date: Mon Mar 7 08:44:52 UTC 2022
Modified Files:
pkgsrc/lang/go: version.mk
pkgsrc/lang/go117: PLIST distinfo
Log Message:
Update go117 to 1.17.8 (security).
This minor release includes a security fix following the security policy:
regexp: stack exhaustion compiling deeply nested expressions
On 64-bit platforms, an extremely deeply nested expression can cause
regexp.Compile to cause goroutine stack exhaustion, forcing the program to
exit. Note this applies to very large expressions, on the order of 2MB.
Thanks to Juho Nurminen of Mattermost for reporting this.
This is CVE-2022-24921 and https://go.dev/issue/51112.
To generate a diff of this commit:
cvs rdiff -u -r1.142 -r1.143 pkgsrc/lang/go/version.mk
cvs rdiff -u -r1.6 -r1.7 pkgsrc/lang/go117/PLIST
cvs rdiff -u -r1.13 -r1.14 pkgsrc/lang/go117/distinfo
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: pkgsrc/lang/go/version.mk
diff -u pkgsrc/lang/go/version.mk:1.142 pkgsrc/lang/go/version.mk:1.143
--- pkgsrc/lang/go/version.mk:1.142 Sun Mar 6 09:53:43 2022
+++ pkgsrc/lang/go/version.mk Mon Mar 7 08:44:52 2022
@@ -1,4 +1,4 @@
-# $NetBSD: version.mk,v 1.142 2022/03/06 09:53:43 bsiegert Exp $
+# $NetBSD: version.mk,v 1.143 2022/03/07 08:44:52 bsiegert Exp $
#
# If bsd.prefs.mk is included before go-package.mk in a package, then this
@@ -6,7 +6,7 @@
#
.include "go-vars.mk"
-GO117_VERSION= 1.17.7
+GO117_VERSION= 1.17.8
GO116_VERSION= 1.16.15
GO110_VERSION= 1.10.8
GO19_VERSION= 1.9.7
Index: pkgsrc/lang/go117/PLIST
diff -u pkgsrc/lang/go117/PLIST:1.6 pkgsrc/lang/go117/PLIST:1.7
--- pkgsrc/lang/go117/PLIST:1.6 Sat Feb 12 20:14:01 2022
+++ pkgsrc/lang/go117/PLIST Mon Mar 7 08:44:52 2022
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.6 2022/02/12 20:14:01 bsiegert Exp $
+@comment $NetBSD: PLIST,v 1.7 2022/03/07 08:44:52 bsiegert Exp $
bin/go${GOVERSSUFFIX}
bin/gofmt${GOVERSSUFFIX}
go117/AUTHORS
@@ -4237,6 +4237,7 @@ go117/src/crypto/x509/internal/macos/sec
go117/src/crypto/x509/internal/macos/security.s
go117/src/crypto/x509/name_constraints_test.go
go117/src/crypto/x509/parser.go
+go117/src/crypto/x509/parser_test.go
go117/src/crypto/x509/pem_decrypt.go
go117/src/crypto/x509/pem_decrypt_test.go
go117/src/crypto/x509/pkcs1.go
@@ -10043,6 +10044,7 @@ go117/test/fixedbugs/issue5089.go
go117/test/fixedbugs/issue5105.dir/a.go
go117/test/fixedbugs/issue5105.dir/b.go
go117/test/fixedbugs/issue5105.go
+go117/test/fixedbugs/issue51101.go
go117/test/fixedbugs/issue5125.dir/bug.go
go117/test/fixedbugs/issue5125.dir/main.go
go117/test/fixedbugs/issue5125.go
Index: pkgsrc/lang/go117/distinfo
diff -u pkgsrc/lang/go117/distinfo:1.13 pkgsrc/lang/go117/distinfo:1.14
--- pkgsrc/lang/go117/distinfo:1.13 Sat Feb 12 20:14:01 2022
+++ pkgsrc/lang/go117/distinfo Mon Mar 7 08:44:52 2022
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.13 2022/02/12 20:14:01 bsiegert Exp $
+$NetBSD: distinfo,v 1.14 2022/03/07 08:44:52 bsiegert Exp $
-BLAKE2s (go1.17.7.src.tar.gz) = 8f04f9f8153f9a0dbd75898a49a9d1298b84a73d486460706a75ba81f9970dac
-SHA512 (go1.17.7.src.tar.gz) = ee20a97d19e501ee2c11930548bcacfa8b1e8499bbae15659231548f4b03c13bc92bb20c4ce879f0956c02268e748c73ba56d8b140ce8f134501c33cc8b58d3c
-Size (go1.17.7.src.tar.gz) = 22195583 bytes
+BLAKE2s (go1.17.8.src.tar.gz) = c974cde147bb2bd4e149b6d06f253be12ae6e4838170957c0a17c94cedaf6830
+SHA512 (go1.17.8.src.tar.gz) = 21d5c51ce62bc3b987dd5bf7c6b7e1a934fe40582bfbbe99ca80c26d41253e796a4b9d02c571f1e5ab3fd7c3950175e23b9929b0d934f421c96a6d6128c44668
+Size (go1.17.8.src.tar.gz) = 22199282 bytes
SHA1 (patch-misc_ios_clangwrap.sh) = 0a06403609cb7bce2e6f65444fd322f486761afe
SHA1 (patch-src_cmd_dist_util.go) = 2d9c2f59e27672d56f5f1a0e3f9d5101a05546a7
SHA1 (patch-src_crypto_x509_root__bsd.go) = 27636e0d8c121ccec6c46a3a82cd0e0469473a6e
Home |
Main Index |
Thread Index |
Old Index