diff options
| author | wiz <wiz@pkgsrc.org> | 2014-09-26 13:54:28 +0000 |
|---|---|---|
| committer | wiz <wiz@pkgsrc.org> | 2014-09-26 13:54:28 +0000 |
| commit | 77ad1475aac6f97abca5e526e27bde56164e1d4f (patch) | |
| tree | 2028c3112f62f3c89d19920cd711efdeded55204 /lang/go | |
| parent | 1aa370bc7507e82ce2eab6cda8bd844a8bfe699c (diff) | |
| download | pkgsrc-77ad1475aac6f97abca5e526e27bde56164e1d4f.tar.gz | |
Update to 1.3.2 for a security fix:
We've just released Go version 1.3.2, a minor point release.
This release includes bug fixes to cgo and the crypto/tls package.
https://golang.org/doc/devel/release.html#go1.3.minor
The crpyto/tls fix addresses a security bug that affects programs
that use crypto/tls to implement a TLS server from Go 1.1 onwards.
If the server enables TLS client authentication using certificates
(this is rare) and explicitly sets SessionTicketsDisabled to true
in the tls.Config, then a malicious client can falsely assert
ownership of any client certificate it wishes. This issue was
discovered internally and there is no evidence of exploitation.
Diffstat (limited to 'lang/go')
| -rw-r--r-- | lang/go/Makefile | 4 | ||||
| -rw-r--r-- | lang/go/PLIST | 5 | ||||
| -rw-r--r-- | lang/go/distinfo | 8 |
3 files changed, 10 insertions, 7 deletions
diff --git a/lang/go/Makefile b/lang/go/Makefile index 59db3967f8c..3e036238f4b 100644 --- a/lang/go/Makefile +++ b/lang/go/Makefile @@ -1,6 +1,6 @@ -# $NetBSD: Makefile,v 1.17 2014/08/17 15:17:42 wiz Exp $ +# $NetBSD: Makefile,v 1.18 2014/09/26 13:54:28 wiz Exp $ -VERSION= 1.3.1 +VERSION= 1.3.2 DISTNAME= go${VERSION}.src PKGNAME= go-${VERSION} CATEGORIES= lang diff --git a/lang/go/PLIST b/lang/go/PLIST index 1cd4c6eb6fa..9b685a69789 100644 --- a/lang/go/PLIST +++ b/lang/go/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.11 2014/08/17 15:17:42 wiz Exp $ +@comment $NetBSD: PLIST,v 1.12 2014/09/26 13:54:28 wiz Exp $ bin/go bin/gofmt go/AUTHORS @@ -286,6 +286,7 @@ go/misc/cgo/test/issue7560.go go/misc/cgo/test/issue7665.go go/misc/cgo/test/issue7695_test.go go/misc/cgo/test/issue7786.go +go/misc/cgo/test/issue7978.go go/misc/cgo/test/issue8148.go go/misc/cgo/test/issue8331.h go/misc/cgo/test/issue8331a.go @@ -1350,11 +1351,13 @@ go/src/pkg/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven go/src/pkg/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedNotGiven go/src/pkg/crypto/tls/testdata/Server-TLSv12-ECDHE-ECDSA-AES go/src/pkg/crypto/tls/testdata/Server-TLSv12-IssueTicket +go/src/pkg/crypto/tls/testdata/Server-TLSv12-IssueTicketPreDisable go/src/pkg/crypto/tls/testdata/Server-TLSv12-RSA-3DES go/src/pkg/crypto/tls/testdata/Server-TLSv12-RSA-AES go/src/pkg/crypto/tls/testdata/Server-TLSv12-RSA-AES-GCM go/src/pkg/crypto/tls/testdata/Server-TLSv12-RSA-RC4 go/src/pkg/crypto/tls/testdata/Server-TLSv12-Resume +go/src/pkg/crypto/tls/testdata/Server-TLSv12-ResumeDisabled go/src/pkg/crypto/tls/testdata/Server-TLSv12-SNI go/src/pkg/crypto/tls/ticket.go go/src/pkg/crypto/tls/tls.go diff --git a/lang/go/distinfo b/lang/go/distinfo index ad26eb25d0e..d55cdaa2deb 100644 --- a/lang/go/distinfo +++ b/lang/go/distinfo @@ -1,6 +1,6 @@ -$NetBSD: distinfo,v 1.12 2014/08/17 15:17:42 wiz Exp $ +$NetBSD: distinfo,v 1.13 2014/09/26 13:54:28 wiz Exp $ -SHA1 (go1.3.1.src.tar.gz) = bc296c9c305bacfbd7bff9e1b54f6f66ae421e6e -RMD160 (go1.3.1.src.tar.gz) = f5b15f441075f3541ee4bacebf55c88ccdb7ed8c -Size (go1.3.1.src.tar.gz) = 10047964 bytes +SHA1 (go1.3.2.src.tar.gz) = 67d3a692588c259f9fe9dca5b80109e5b99271df +RMD160 (go1.3.2.src.tar.gz) = d81642869b9f044f98f8386ee936a5872763c4cf +Size (go1.3.2.src.tar.gz) = 10049331 bytes SHA1 (patch-src_cmd_go_build.go) = 1ac7a9d77e8061b0f1184ebe59c7600f61da61e2 |