diff options
author | bsiegert <bsiegert@pkgsrc.org> | 2019-01-24 09:33:08 +0000 |
---|---|---|
committer | bsiegert <bsiegert@pkgsrc.org> | 2019-01-24 09:33:08 +0000 |
commit | ac20946eb6069be61fe17d33826487f6920a12c8 (patch) | |
tree | 68630a17aa23acb661f47890f341d5523209b8fa | |
parent | 38d475378e33043394fca5fe884566729335b39c (diff) | |
download | pkgsrc-ac20946eb6069be61fe17d33826487f6920a12c8.tar.gz |
Update go110 to 1.10.8 (security).
This release addresses a recently supported security issue. This DoS
vulnerability in the crypto/elliptic implementations of the P-521 and P-384
elliptic curves may let an attacker craft inputs that consume excessive
amounts of CPU.
These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private
key is reused more than once, the attack can also lead to key recovery.
The issue is CVE-2019-6486 and Go issue golang.org/issue/29903.
See the Go issue for more details.
-rw-r--r-- | lang/go/version.mk | 4 | ||||
-rw-r--r-- | lang/go110/distinfo | 10 |
2 files changed, 7 insertions, 7 deletions
diff --git a/lang/go/version.mk b/lang/go/version.mk index 6c7902abd71..315e6489bab 100644 --- a/lang/go/version.mk +++ b/lang/go/version.mk @@ -1,4 +1,4 @@ -# $NetBSD: version.mk,v 1.54 2019/01/24 09:26:21 bsiegert Exp $ +# $NetBSD: version.mk,v 1.55 2019/01/24 09:33:08 bsiegert Exp $ CTF_SUPPORTED= no SSP_SUPPORTED= no @@ -7,7 +7,7 @@ STRIP_DEBUG_SUPPORTED= no .include "../../mk/bsd.prefs.mk" GO111_VERSION= 1.11.5 -GO110_VERSION= 1.10.7 +GO110_VERSION= 1.10.8 GO19_VERSION= 1.9.7 GO14_VERSION= 1.4.3 GO_VERSION= ${GO110_VERSION} diff --git a/lang/go110/distinfo b/lang/go110/distinfo index 3e2833116f6..0518ff430ec 100644 --- a/lang/go110/distinfo +++ b/lang/go110/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.3 2018/12/15 10:23:32 bsiegert Exp $ +$NetBSD: distinfo,v 1.4 2019/01/24 09:33:08 bsiegert Exp $ -SHA1 (go1.10.7.src.tar.gz) = d083beabcd3c47b36a93ee7067664d0b1733843f -RMD160 (go1.10.7.src.tar.gz) = cd28953d0b9a059418b846c487a0b1c2e49b0310 -SHA512 (go1.10.7.src.tar.gz) = 798e0ea053b38f4b4f5a6fbdefb30ad09d95b7e8af424bd5f1aa7856bf7ca4e9c9bbd32926e2936f2b332f88a1980e92e6b61862fd9e779edf64f965fd8d1ffe -Size (go1.10.7.src.tar.gz) = 18333472 bytes +SHA1 (go1.10.8.src.tar.gz) = 83b92e77db57fe17e1c09f72464d7097b28cbb78 +RMD160 (go1.10.8.src.tar.gz) = 6448de873a974439bb658362d6aa780c7ec29d21 +SHA512 (go1.10.8.src.tar.gz) = c274b99e39b78dfdf6b6b1c4fd6a5a54bff1b3eba55a879413692586ac7f0d30772416dcb5f715213c650946ade649bd424981f77508d92510c717d1845e3ede +Size (go1.10.8.src.tar.gz) = 18333813 bytes SHA1 (patch-misc_io_clangwrap.sh) = cd91c47ba0fe7b6eb8009dd261c0c26c7d581c29 SHA1 (patch-src_cmd_dist_util.go) = 24e6f1b6ded842a8ce322a40e8766f7d344bc47e SHA1 (patch-src_cmd_link_internal_ld_elf.go) = 7afd0da4734f201c8b885b743e83e5b70ddb0bf0 |