pkgsrc.se | The NetBSD package collection

./lang/go110, The Go programming language

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q4, Version: 1.10.8, Package name: go110-1.10.8, Maintainer: bsiegert

The Go programming language is an open source project to make
programmers more productive.

Go is expressive, concise, clean, and efficient. Its concurrency
mechanisms make it easy to write programs that get the most out of
multicore and networked machines, while its novel type system enables
flexible and modular program construction. Go compiles quickly to
machine code yet has the convenience of garbage collection and the power
of run-time reflection. It's a fast, statically typed, compiled language
that feels like a dynamically typed, interpreted language.

Required to run:
[shells/bash] [lang/perl5]

Required to build:
[lang/go14] [pkgtools/cwrappers]

Master sites:

https://storage.googleapis.com/golang/ (Download)

SHA1: 83b92e77db57fe17e1c09f72464d7097b28cbb78
RMD160: 6448de873a974439bb658362d6aa780c7ec29d21
Filesize: 17904.114 KB

Version history: (Expand)

(2019-02-08) Updated to version: go110-1.10.8
(2019-01-02) Package added to pkgsrc.se, version go110-1.10.7 (created)

CVS history: (Expand)

2019-02-08 12:30:53 by S.P.Zeidler | Files touched by this commit (2) | Package updated

Log message:
Pullup ticket #5905 - requested by bsiegert
lang/go110: security update

Revisions pulled up:
- lang/go/version.mk                                            1.55
- lang/go110/distinfo                                           1.4

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Thu Jan 24 09:33:08 UTC 2019

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go110: distinfo

   Log message:
   Update go110 to 1.10.8 (security).

   This release addresses a recently supported security issue. This DoS
   vulnerability in the crypto/elliptic implementations of the P-521 and P-384
   elliptic curves may let an attacker craft inputs that consume excessive
   amounts of CPU.

   These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
   tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private
   key is reused more than once, the attack can also lead to key recovery.

   The issue is CVE-2019-6486 and Go issue golang.org/issue/29903.
   See the Go issue for more details.

   To generate a diff of this commit:
   cvs rdiff -u -r1.54 -r1.55 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go110/distinfo