pkgsrc.se | The NetBSD package collection

./lang/go119, The Go programming language

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: CURRENT, Version: 1.19.1, Package name: go119-1.19.1, Maintainer: bsiegert

The Go programming language is an open source project to make
programmers more productive.

Go is expressive, concise, clean, and efficient. Its concurrency
mechanisms make it easy to write programs that get the most out of
multicore and networked machines, while its novel type system enables
flexible and modular program construction. Go compiles quickly to
machine code yet has the convenience of garbage collection and the power
of run-time reflection. It's a fast, statically typed, compiled language
that feels like a dynamically typed, interpreted language.

Master sites:

https://storage.googleapis.com/golang/ (Download)

Filesize: 25905.64 KB

Version history: (Expand)

(2022-09-07) Updated to version: go119-1.19.1
(2022-08-21) Package added to pkgsrc.se, version go119-1.19 (created)

CVS history: (Expand)

2022-09-17 12:13:56 by Benny Siegert | Files touched by this commit (2)

Log message:
go: be more verbose when building

Requested by nia@ during dev summit @EuroBSDCon

2022-09-06 21:11:13 by Benny Siegert | Files touched by this commit (3) | Package updated

Log message:
go119: update to 1.19.1 (security)

This minor release includes 2 security fixes following the security policy:

net/http: handle server errors after sending GOAWAY

A closing HTTP/2 server connection could hang forever waiting for a clean
shutdown that was preempted by a subsequent fatal error. This failure mode
could be exploited to cause a denial of service.

Thanks to Bahruz Jabiyev, Tommaso Innocenti, Anthony Gavazzi, Steven Sprecher,
and Kaan Onarlioglu for reporting this.

This is CVE-2022-27664 and Go issue https://go.dev/issue/54658.

net/url: JoinPath does not strip relative path components in all circumstances

JoinPath and URL.JoinPath would not remove ../ path components appended to a
relative path. For example, JoinPath("https://go.dev", \ 
"../go") returned the
URL https://go.dev/../go, despite the JoinPath documentation stating that ../
path elements are cleaned from the result.

Thanks to q0jt for reporting this issue.

This is CVE-2022-32190 and Go issue https://go.dev/issue/54385.

2022-08-22 11:44:48 by Tobias Nygren | Files touched by this commit (4)

Log message:
go119: s/118/119/ in some places