summaryrefslogtreecommitdiff
path: root/lang
diff options
context:
space:
mode:
authorwiz <wiz@pkgsrc.org>2014-09-26 13:54:28 +0000
committerwiz <wiz@pkgsrc.org>2014-09-26 13:54:28 +0000
commit77ad1475aac6f97abca5e526e27bde56164e1d4f (patch)
tree2028c3112f62f3c89d19920cd711efdeded55204 /lang
parent1aa370bc7507e82ce2eab6cda8bd844a8bfe699c (diff)
downloadpkgsrc-77ad1475aac6f97abca5e526e27bde56164e1d4f.tar.gz
Update to 1.3.2 for a security fix:
We've just released Go version 1.3.2, a minor point release. This release includes bug fixes to cgo and the crypto/tls package. https://golang.org/doc/devel/release.html#go1.3.minor The crpyto/tls fix addresses a security bug that affects programs that use crypto/tls to implement a TLS server from Go 1.1 onwards. If the server enables TLS client authentication using certificates (this is rare) and explicitly sets SessionTicketsDisabled to true in the tls.Config, then a malicious client can falsely assert ownership of any client certificate it wishes. This issue was discovered internally and there is no evidence of exploitation.
Diffstat (limited to 'lang')
-rw-r--r--lang/go/Makefile4
-rw-r--r--lang/go/PLIST5
-rw-r--r--lang/go/distinfo8
3 files changed, 10 insertions, 7 deletions
diff --git a/lang/go/Makefile b/lang/go/Makefile
index 59db3967f8c..3e036238f4b 100644
--- a/lang/go/Makefile
+++ b/lang/go/Makefile
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile,v 1.17 2014/08/17 15:17:42 wiz Exp $
+# $NetBSD: Makefile,v 1.18 2014/09/26 13:54:28 wiz Exp $
-VERSION= 1.3.1
+VERSION= 1.3.2
DISTNAME= go${VERSION}.src
PKGNAME= go-${VERSION}
CATEGORIES= lang
diff --git a/lang/go/PLIST b/lang/go/PLIST
index 1cd4c6eb6fa..9b685a69789 100644
--- a/lang/go/PLIST
+++ b/lang/go/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.11 2014/08/17 15:17:42 wiz Exp $
+@comment $NetBSD: PLIST,v 1.12 2014/09/26 13:54:28 wiz Exp $
bin/go
bin/gofmt
go/AUTHORS
@@ -286,6 +286,7 @@ go/misc/cgo/test/issue7560.go
go/misc/cgo/test/issue7665.go
go/misc/cgo/test/issue7695_test.go
go/misc/cgo/test/issue7786.go
+go/misc/cgo/test/issue7978.go
go/misc/cgo/test/issue8148.go
go/misc/cgo/test/issue8331.h
go/misc/cgo/test/issue8331a.go
@@ -1350,11 +1351,13 @@ go/src/pkg/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedAndGiven
go/src/pkg/crypto/tls/testdata/Server-TLSv12-ClientAuthRequestedNotGiven
go/src/pkg/crypto/tls/testdata/Server-TLSv12-ECDHE-ECDSA-AES
go/src/pkg/crypto/tls/testdata/Server-TLSv12-IssueTicket
+go/src/pkg/crypto/tls/testdata/Server-TLSv12-IssueTicketPreDisable
go/src/pkg/crypto/tls/testdata/Server-TLSv12-RSA-3DES
go/src/pkg/crypto/tls/testdata/Server-TLSv12-RSA-AES
go/src/pkg/crypto/tls/testdata/Server-TLSv12-RSA-AES-GCM
go/src/pkg/crypto/tls/testdata/Server-TLSv12-RSA-RC4
go/src/pkg/crypto/tls/testdata/Server-TLSv12-Resume
+go/src/pkg/crypto/tls/testdata/Server-TLSv12-ResumeDisabled
go/src/pkg/crypto/tls/testdata/Server-TLSv12-SNI
go/src/pkg/crypto/tls/ticket.go
go/src/pkg/crypto/tls/tls.go
diff --git a/lang/go/distinfo b/lang/go/distinfo
index ad26eb25d0e..d55cdaa2deb 100644
--- a/lang/go/distinfo
+++ b/lang/go/distinfo
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.12 2014/08/17 15:17:42 wiz Exp $
+$NetBSD: distinfo,v 1.13 2014/09/26 13:54:28 wiz Exp $
-SHA1 (go1.3.1.src.tar.gz) = bc296c9c305bacfbd7bff9e1b54f6f66ae421e6e
-RMD160 (go1.3.1.src.tar.gz) = f5b15f441075f3541ee4bacebf55c88ccdb7ed8c
-Size (go1.3.1.src.tar.gz) = 10047964 bytes
+SHA1 (go1.3.2.src.tar.gz) = 67d3a692588c259f9fe9dca5b80109e5b99271df
+RMD160 (go1.3.2.src.tar.gz) = d81642869b9f044f98f8386ee936a5872763c4cf
+Size (go1.3.2.src.tar.gz) = 10049331 bytes
SHA1 (patch-src_cmd_go_build.go) = 1ac7a9d77e8061b0f1184ebe59c7600f61da61e2