pkgsrc.se | The NetBSD package collection

./lang/go, The Go programming language

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2015Q3, Version: 1.5.1, Package name: go-1.5.1, Maintainer: bsiegert

The Go programming language is an open source project to make
programmers more productive.

Go is expressive, concise, clean, and efficient. Its concurrency
mechanisms make it easy to write programs that get the most out of
multicore and networked machines, while its novel type system enables
flexible and modular program construction. Go compiles quickly to
machine code yet has the convenience of garbage collection and the power
of run-time reflection. It's a fast, statically typed, compiled language
that feels like a dynamically typed, interpreted language.

Required to run:
[lang/perl5] [shells/bash]

Required to build:
[lang/go14] [shells/bash]

Master sites:

https://storage.googleapis.com/golang/ (Download)

SHA1: 0df564746d105f4180c2b576a1553ebca9d9a124
RMD160: 751d078789bcd6ec0d85e09f5f40d9959877e202
Filesize: 11767.286 KB

Version history: (Expand)

(2015-09-30) Package added to pkgsrc.se, version go-1.5.1 (created)

CVS history: (Expand)

2015-10-06 18:37:05 by S.P.Zeidler | Files touched by this commit (4) | Package updated

Log message:
Pullup ticket #4819 - requested by bsiegert
lang/go14: security update

Revisions pulled up:
- lang/go/version.mk                                            1.9
- lang/go14/Makefile                                            1.5
- lang/go14/PLIST                                               1.2
- lang/go14/distinfo                                            1.3

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   tnn
   Date:           Sun Sep 27 00:36:02 UTC 2015

   Modified Files:
           pkgsrc/lang/go14: Makefile

   Log message:
   more REPLACE_BASH

   To generate a diff of this commit:
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/lang/go14/Makefile

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Sat Sep 26 17:37:01 UTC 2015

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go14: Makefile PLIST distinfo

   Log message:
   Update go14 to 1.4.3. It fixes four security-related issues.

   The issues were reported in Go's net/http package. They affect programs usi=
   ng
   that package to proxy HTTP requests. We recommend that all users upgrade to=
    Go
   1.5, which fixes these issues. For users unable to upgrade to Go 1.5, we ha=
   ve
   released version 1.4.3, which is based on Go 1.4.2 plus fixes for these iss=
   ues.
   Affected Go programs=E2=80=94those that use the net/http package as a proxy=
    server=E2=80=94must
   be recompiled with Go 1.5 or Go 1.4.3 to receive the fixes.

   The CVE issue descriptions and fixes are linked below.

   CVE-2015-5739
   "Content Length" treated as valid header:
   https://go-review.googlesource.com/#/c/11772/

   CVE-2015-5740
   Double content-length headers does not return 400 error:
   https://go-review.googlesource.com/#/c/11810/

   CVE-2015-5741
   Additional hardening, not sending Content-Length w/Transfer-Encoding,
   Closing connections:
   https://go-review.googlesource.com/#/c/11810/
   https://go-review.googlesource.com/#/c/12865/
   https://go-review.googlesource.com/#/c/13148/

   The Go team would like to thank Jed Denlea and R=C3=A9gis Leroy for their
   contributions to this release. They have been awarded 1337 USD under the Go=
   ogle
   Security Bounty program.

   To generate a diff of this commit:
   cvs rdiff -u -r1.8 -r1.9 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go14/Makefile
   cvs rdiff -u -r1.1 -r1.2 pkgsrc/lang/go14/PLIST
   cvs rdiff -u -r1.2 -r1.3 pkgsrc/lang/go14/distinfo