Subject: CVS commit: pkgsrc/security/go-crypto
From: Benny Siegert
Date: 2020-02-03 14:14:20
Message id: 20200203131420.C6C85FBF4@cvs.NetBSD.org

Log Message:
Update go-crypto to 0.0.20200122.

In addition to about two years of changes, this contains notably the
following security fix:

	When int is 32 bits wide (on 32-bit architectures like 386 and arm), an
	overflow could occur, causing a panic, due to malformed ASN.1 being
	passed to any of the ASN1 methods of String.

	Tested on linux/386 and darwin/amd64.

	This fixes CVE-2020-7919 and was found thanks to the Project Wycheproof
	test vectors.

pkgsrc changes:
Once again, the acme subdirectory was removed as it introduces a circular
dependency with go-net.

Prodded several times by ng0@

Files:
RevisionActionfile
1.5modifypkgsrc/security/go-crypto/distinfo
1.6modifypkgsrc/security/go-crypto/buildlink3.mk
1.6modifypkgsrc/security/go-crypto/PLIST
1.29modifypkgsrc/security/go-crypto/Makefile