pkgsrc.se | The NetBSD package collection

./lang/go111, The Go programming language

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2018Q4, Version: 1.11.5, Package name: go111-1.11.5, Maintainer: bsiegert

The Go programming language is an open source project to make
programmers more productive.

Go is expressive, concise, clean, and efficient. Its concurrency
mechanisms make it easy to write programs that get the most out of
multicore and networked machines, while its novel type system enables
flexible and modular program construction. Go compiles quickly to
machine code yet has the convenience of garbage collection and the power
of run-time reflection. It's a fast, statically typed, compiled language
that feels like a dynamically typed, interpreted language.

Required to run:
[shells/bash] [lang/perl5]

Required to build:
[lang/go14] [pkgtools/cwrappers]

Master sites:

https://storage.googleapis.com/golang/ (Download)

SHA1: 94ca79ff63fa5118cb4c7a7113b153d043e7bbf3
RMD160: 72ce2f34def54143595157f9e51b731757495272
Filesize: 20613.612 KB

Version history: (Expand)

(2019-02-08) Updated to version: go111-1.11.5
(2019-01-02) Package added to pkgsrc.se, version go111-1.11.4 (created)

CVS history: (Expand)

2019-02-08 12:31:19 by S.P.Zeidler | Files touched by this commit (2) | Package updated

Log message:
Pullup ticket #5906 - requested by bsiegert
lang/go111: security update

Revisions pulled up:
- lang/go/version.mk                                            1.54
- lang/go111/distinfo                                           1.5

-------------------------------------------------------------------
   Module Name:    pkgsrc
   Committed By:   bsiegert
   Date:           Thu Jan 24 09:26:21 UTC 2019

   Modified Files:
           pkgsrc/lang/go: version.mk
           pkgsrc/lang/go111: distinfo

   Log message:
   Update go111 to 1.11.5 (security).

   This release addresses a recently supported security issue. This DoS
   vulnerability in the crypto/elliptic implementations of the P-521 and P-384
   elliptic curves may let an attacker craft inputs that consume excessive
   amounts of CPU.

   These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
   tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private
   key is reused more than once, the attack can also lead to key recovery.

   The issue is CVE-2019-6486 and Go issue golang.org/issue/29903.
   See the Go issue for more details.

   To generate a diff of this commit:
   cvs rdiff -u -r1.53 -r1.54 pkgsrc/lang/go/version.mk
   cvs rdiff -u -r1.4 -r1.5 pkgsrc/lang/go111/distinfo