Subject: CVS commit: pkgsrc/lang
From: Benny Siegert
Date: 2021-03-10 20:55:17
Message id: 20210310195517.761C7FA95@cvs.NetBSD.org

Log Message:
Update go116 to 1.16.1, fixing two security issues:

   - encoding/xml: infinite loop when using xml.NewTokenDecoder with a
   custom TokenReader

The Decode, DecodeElement, and Skip methods of an xml.Decoder provided by
xml.NewTokenDecoder may enter an infinite loop when operating on a custom
xml.TokenReader which returns an EOF in the middle of an open XML element.

Thanks to Sam Whited for reporting this issue.

This issue is CVE-2021-27918 and Go issue golang.org/issue/44913.

   - archive/zip: panic when calling Reader.Open

The Reader.Open API, new in Go 1.16, will panic when used on a ZIP archive
containing files that start with "../".

This issue is CVE-2021-27919 and Go issue golang.org/issue/44916.

Files:
Revision  Action  File
1.112     modify  pkgsrc/lang/go/version.mk
1.4       modify  pkgsrc/lang/go116/distinfo