./lang/go, Meta package providing the current release of the Go language

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 1.17.2, Package name: go-1.17.2, Maintainer: pkgsrc-users

This is a meta package providing the latest release of the Go
programming language that is available for the host system.

The actual Go programming language is provided by packages such as
lang/go111, lang/go110, etc. This package merely allows users to
install "go" instead of having to figure out the exact package name.

No package should depend on this package directly.


Required to run:
[lang/go114]

Required to build:
[pkgtools/cwrappers]

Master sites:


Version history: (Expand)


CVS history: (Expand)


   2021-10-08 16:47:44 by Benny Siegert | Files touched by this commit (2) | Package updated
Log message:
Update go117 to 1.17.2.

This minor release includes a security fix according to the new security policy.

When invoking functions from WASM modules, built using GOARCH=wasm GOOS=js,
passing very large arguments can cause portions of the module to be overwritten
with data from the arguments.

If using wasm_exec.js to execute WASM modules, users will need to replace their
copy (as described in https://golang.org/wiki/WebAssembly#getting-started)
after rebuilding any modules.

This is issue 48797 and CVE-2021-38297. Thanks to Ben Lubar for reporting this
issue.
   2021-10-08 16:21:45 by Benny Siegert | Files touched by this commit (2) | Package updated
Log message:
Update go116 to 1.16.9.

This minor release includes a security fix according to the new security policy.

When invoking functions from WASM modules, built using GOARCH=wasm GOOS=js,
passing very large arguments can cause portions of the module to be overwritten
with data from the arguments.

If using wasm_exec.js to execute WASM modules, users will need to replace their
copy (as described in https://golang.org/wiki/WebAssembly#getting-started)
after rebuilding any modules.

This is issue 48797 and CVE-2021-38297. Thanks to Ben Lubar for reporting this
issue.
   2021-10-06 12:30:22 by Jonathan Perkin | Files touched by this commit (1)
Log message:
go: Add support for GO_EXTRA_MOD_DIRS.

This is a list of extra directories in which to look for go.mod files
when generating the output of show-go-modules.
   2021-09-27 18:02:36 by Nia Alarie | Files touched by this commit (1)
Log message:
go: not ready for PIE
   2021-09-17 15:17:19 by Benny Siegert | Files touched by this commit (3) | Package updated
Log message:
go117: update to 1.17.1 (security).

go1.17.1 (released 2021-09-09) includes a security fix to the archive/zip
package, as well as bug fixes to the compiler, linker, the go command, and to
the crypto/rand, embed, go/types, html/template, and net/http packages.
   2021-09-17 14:56:18 by Benny Siegert | Files touched by this commit (2) | Package updated
Log message:
Update go116 to 1.16.8 (security).

go1.16.8 (released 2021-09-09) includes a security fix to the archive/zip
package, as well as bug fixes to the archive/zip, go/internal/gccgoimporter,
html/template, net/http, and runtime/pprof packages.
   2021-08-11 21:00:24 by Benny Siegert | Files touched by this commit (3) | Package updated
Log message:
go116: update to 1.16.7.

This minor release includes a security fix according to the new security
policy.

A net/http/httputil ReverseProxy can panic due to a race condition if its
Handler aborts with ErrAbortHandler, for example due to an error in copying the
response body. An attacker might be able to force the conditions leading to the
race condition.

This is issue https://golang.org/issue/46866 and CVE-2021-36221. Thanks to
Andrew Crump (VMware) for reporting this issue.
   2021-08-11 18:46:48 by Benny Siegert | Files touched by this commit (3) | Package updated
Log message:
go115: update to 1.15.15.

This minor release includes a security fix according to the new security
policy.

A net/http/httputil ReverseProxy can panic due to a race condition if its
Handler aborts with ErrAbortHandler, for example due to an error in copying the
response body. An attacker might be able to force the conditions leading to the
race condition.

This is issue https://golang.org/issue/46866 and CVE-2021-36221. Thanks to
Andrew Crump (VMware) for reporting this issue.