./lang/go, The Go programming language

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.9.2, Package name: go-1.9.2, Maintainer: bsiegert

The Go programming language is an open source project to make
programmers more productive.

Go is expressive, concise, clean, and efficient. Its concurrency
mechanisms make it easy to write programs that get the most out of
multicore and networked machines, while its novel type system enables
flexible and modular program construction. Go compiles quickly to
machine code yet has the convenience of garbage collection and the power
of run-time reflection. It's a fast, statically typed, compiled language
that feels like a dynamically typed, interpreted language.


Required to run:
[lang/perl5] [shells/bash]

Required to build:
[lang/go14]

Master sites:

SHA1: 8a51dbdf51d6ee0e058b7de7c7606dbea23dfeec
RMD160: f8ae6b41af3f450b0d9a3d33aa9e0d5df39904d4
Filesize: 15999.601 KB

Version history: (Expand)


CVS history: (Expand)


   2017-11-14 10:53:53 by Thomas Klausner | Files touched by this commit (1)
Log message:
lang/go: remove references to non-existent files
   2017-10-28 20:20:14 by Benny Siegert | Files touched by this commit (3) | Package updated
Log message:
Update Go to 1.9.2.

This release includes fixes to the compiler, linker, runtime, documentation,
go command, and the crypto/x509, database/sql, log, and net/smtp packages. It
includes a fix to a bug introduced in Go 1.9.1 that broke "go get"
of non-Git repositories under certain conditions.
   2017-10-06 20:38:25 by Benny Siegert | Files touched by this commit (2) | Package updated
Log message:
Update Go to 1.9.1 (security fix).

Two security-related issues were recently reported.
To address this issue, we have just released Go 1.8.4 and Go 1.9.1.

We recommend that all users update to one of these releases (if you're not sure
which, choose Go 1.9.1).

The issues addressed by these releases are:

By nesting a git checkout inside another version control repository, it was
possible for an attacker to trick the "go get" command into executing \ 
arbitrary
code. The go command now refuses to use version control checkouts found inside
other version control systems, with an exception for git submodules (git inside
git).
The issue is tracked as https://golang.org/issue/22125 (Go 1.8.4) and
https://golang.org/issue/22131 (Go 1.9.1). Fixes are linked from the issues.
Thanks to Simon Rawet for the report.

In the smtp package, PlainAuth is documented as sending credentials only over
authenticated, encrypted TLS connections, but it was changed in Go 1.1 to also
send credentials on non-TLS connections when the remote server advertises that
PLAIN authentication is supported. The change was meant to allow use of PLAIN
authentication on localhost, but it has the effect of allowing a
man-in-the-middle attacker to harvest credentials. PlainAuth now requires
either TLS or a localhost connection before sending credentials, regardless of
what the remote server claims.
This issue is tracked as https://golang.org/issue/22134 (Go 1.8.4) and
https://golang.org/issue/22133 (Go 1.9.1). Fixes are linked from the issues.
Thanks to Stevie Johnstone for the report.
   2017-10-04 12:03:53 by Jonathan Perkin | Files touched by this commit (2)
Log message:
go*: Disable SSP checks for similar reasons as RELRO.
   2017-09-03 18:49:52 by Matthias Scheler | Files touched by this commit (1)
Log message:
Use bsdtar instead of GNU Tar to extract the distribution archive
as suggested by wizd(8) in private e-mail
   2017-09-03 15:40:19 by Matthias Scheler | Files touched by this commit (1)
Log message:
Use GNU Tar to extract the distribution archive because at least
NetBSD (8.99.2)'s "/bin/tar" fails to handle the extented headers
and extracts files into the wrong directory. This in turn least
to package list problems during the installation phase.
   2017-09-03 09:12:08 by Benny Siegert | Files touched by this commit (8) | Package updated
Log message:
Update Go to 1.9.

The latest Go release, version 1.9, arrives six months after Go 1.8 and
is the tenth release in the Go 1.x series. There are two changes to the
language: adding support for type aliases and defining when
implementations may fuse floating point operations. Most of the changes
are in the implementation of the toolchain, runtime, and libraries. As
always, the release maintains the Go 1 promise of compatibility. We
expect almost all Go programs to continue to compile and run as before.

The release adds transparent monotonic time support, parallelizes
compilation of functions within a package, better supports test helper
functions, includes a new bit manipulation package, and has a new
concurrent map type.

There are some instabilities on FreeBSD that are known but not
understood. These can lead to program crashes in rare cases. See issue
15658. Any help in solving this FreeBSD-specific issue would be
appreciated.

Go stopped running NetBSD builders during the Go 1.9 development cycle
due to NetBSD kernel crashes, up to and including NetBSD 7.1. As Go 1.9
is being released, NetBSD 7.1.1 is being released with a fix. However,
at this time we have no NetBSD builders passing our test suite. Any help
investigating the various NetBSD issues would be appreciated.
   2017-07-22 21:32:41 by Thomas Klausner | Files touched by this commit (10)
Log message:
Sprinkle CHECK_RELRO_SKIP on go packages.

go14 has no relro support AFAICT.

go-1.8.3 has if you use -buildmode=pie, but it claims it's not supported
on Linux.

Disable relro checking for go packages until bsiegert has time to
look at this.