Navigation:
Browse pkgsrc
(this page)| 2024-12-06 12:05:48 by Jonathan Perkin | Files touched by this commit (2) |
Log message: go: Set GOTMPDIR. Go uses TMPDIR for ephemeral objects, but unlike other compilers does not clean up quickly enough, so even with a reasonably large tmpfs limit of 1G some package builds can fail due to too many leftover objects. Use the same directory as GOCACHE and ensure it is created after distfile extraction. Tested in a bulk build on SmartOS and confirmed to fix a number of package builds. No feedback on proposal to tech-pkg@. |
| 2024-12-04 19:51:39 by Benny Siegert | Files touched by this commit (4) |
Log message: Update Go to 1.22.10, 1.23.4 go1.23.4 (released 2024-12-03) includes fixes to the compiler, the runtime, the trace command, and the syscall package. See the Go 1.23.4 milestone on our issue tracker for details. go1.22.10 (released 2024-12-03) includes fixes to the runtime and the syscall package. See the Go 1.22.10 milestone on our issue tracker for details. |
2024-11-08 20:46:59 by Benny Siegert | Files touched by this commit (5) |  |
Log message: go: update to 1.22.9 and 1.23.2. go1.23.3 (released 2024-11-06) includes fixes to the linker, the runtime, and the net/http, os, and syscall packages. See the Go 1.23.3 milestone on our issue tracker for details. go1.22.9 (released 2024-11-06) includes fixes to the linker. See the Go 1.22.9 milestone on our issue tracker for details. |
| 2024-10-29 14:10:11 by Jonathan Perkin | Files touched by this commit (1) |
Log message: go: Fix the telemetry stuff. Didn't work for packages that set GO_VERSION_REQD. |
| 2024-10-11 12:02:54 by Benny Siegert | Files touched by this commit (2) |
Log message: Set default Go version to 1.23. Re-add the "go telemetry off" line that caused some breakage, but guarded to be 1.23-only. The only package that's still unfixed with 1.23 is wireguard-go, which does not have a fix available upstream. |
| 2024-10-06 18:29:40 by Benny Siegert | Files touched by this commit (1) |
Log message: go-module.mk: unbreak with Go 1.22 A recent commit mistakenly added a call to "go telemetry off", which has only been added in 1.23. This chunk was meant to be committed as part of setting the default Go version to 1.22. Sorry for the breakage, everyone! PR pkg/58722 and various pings |
| 2024-10-03 17:41:01 by Benny Siegert | Files touched by this commit (6) | |
Log message: go: update go123 to 1.23.2 and go122 to 1.22.8. go1.23.2 (released 2024-10-01) includes fixes to the compiler, cgo, the runtime, and the maps, os, os/exec, time, and unique packages. See the Go 1.23.2 milestone on our issue tracker for details. go1.22.8 (released 2024-10-01) includes fixes to cgo, and the maps and syscall packages. See the Go 1.22.8 milestone on our issue tracker for details. |
| 2024-09-09 12:31:16 by Nia Alarie | Files touched by this commit (1) |
Log message: go: Do not override ONLY_FOR_PLATFORM |
| 2024-09-06 20:42:18 by Benny Siegert | Files touched by this commit (2) | |
Log message: go122: update to 1.22.7 This minor release includes 3 security fixes following the security policy: go/parser: stack exhaustion in all Parse* functions Calling any of the Parse functions on Go source code which contains deeply \ nested literals can cause a panic due to stack exhaustion. This is CVE-2024-34155 and Go issue https://go.dev/issue/69138. encoding/gob: stack exhaustion in Decoder.Decode Calling Decoder.Decode on a message which contains deeply nested structures can \ cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Thanks to Md Sakib Anwar of The Ohio State University (anwar.40@osu.edu) for \ reporting this issue. This is CVE-2024-34156 and Go issue https://go.dev/issue/69139. go/build/constraint: stack exhaustion in Parse Calling Parse on a "// +build" build tag line with deeply nested \ expressions can cause a panic due to stack exhaustion. This is CVE-2024-34158 and Go issue https://go.dev/issue/69141. |
| 2024-09-06 20:38:23 by Benny Siegert | Files touched by this commit (3) | |
Log message: go123: update to 1.23.1 This minor release includes 3 security fixes following the security policy: go/parser: stack exhaustion in all Parse* functions Calling any of the Parse functions on Go source code which contains deeply \ nested literals can cause a panic due to stack exhaustion. This is CVE-2024-34155 and Go issue https://go.dev/issue/69138. encoding/gob: stack exhaustion in Decoder.Decode Calling Decoder.Decode on a message which contains deeply nested structures can \ cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Thanks to Md Sakib Anwar of The Ohio State University (anwar.40@osu.edu) for \ reporting this issue. This is CVE-2024-34156 and Go issue https://go.dev/issue/69139. go/build/constraint: stack exhaustion in Parse Calling Parse on a "// +build" build tag line with deeply nested \ expressions can cause a panic due to stack exhaustion. This is CVE-2024-34158 and Go issue https://go.dev/issue/69141. |
New packages: