pkgsrc.se | The NetBSD package collection

./lang/go, Meta package providing the current release of the Go language

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q4, Version: 1.11.5, Package name: go-1.11.5, Maintainer: pkgsrc-users

This is a meta package providing the latest release of the Go
programming language that is available for the host system.

The actual Go programming language is provided by packages such as
lang/go111, lang/go110, etc. This package merely allows users to
install "go" instead of having to figure out the exact package name.

No package should depend on this package directly.

Required to run:
[lang/go111]

Required to build:
[pkgtools/cwrappers]

Version history: (Expand)

(2019-02-08) Updated to version: go-1.11.5
(2019-01-02) Package added to pkgsrc.se, version go-1.11.4 (created)

CVS history: (Expand)

2019-02-08 12:31:19 by S.P.Zeidler | Files touched by this commit (2) | Package updated

Log message:
Pullup ticket #5906 - requested by bsiegert
lang/go111: security update

Revisions pulled up:
- lang/go/version.mk                                            1.54
- lang/go111/distinfo                                           1.5

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Thu Jan 24 09:26:21 UTC 2019

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go111: distinfo

   Log message:
   Update go111 to 1.11.5 (security).

   This release addresses a recently supported security issue. This DoS
   vulnerability in the crypto/elliptic implementations of the P-521 and P-384
   elliptic curves may let an attacker craft inputs that consume excessive
   amounts of CPU.

   These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
   tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private
   key is reused more than once, the attack can also lead to key recovery.

   The issue is CVE-2019-6486 and Go issue golang.org/issue/29903.
   See the Go issue for more details.

   To generate a diff of this commit:
   cvs rdiff -u -r1.53 -r1.54 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/lang/go111/distinfo

2019-02-08 12:30:53 by S.P.Zeidler | Files touched by this commit (2) | Package updated

Log message:
Pullup ticket #5905 - requested by bsiegert
lang/go110: security update

Revisions pulled up:
- lang/go/version.mk                                            1.55
- lang/go110/distinfo                                           1.4

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Thu Jan 24 09:33:08 UTC 2019

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go110: distinfo

   Log message:
   Update go110 to 1.10.8 (security).

   This release addresses a recently supported security issue. This DoS
   vulnerability in the crypto/elliptic implementations of the P-521 and P-384
   elliptic curves may let an attacker craft inputs that consume excessive
   amounts of CPU.

   These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
   tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private
   key is reused more than once, the attack can also lead to key recovery.

   The issue is CVE-2019-6486 and Go issue golang.org/issue/29903.
   See the Go issue for more details.

   To generate a diff of this commit:
   cvs rdiff -u -r1.54 -r1.55 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go110/distinfo