pkgsrc.se | The NetBSD package collection

Subject: CVS commit: [pkgsrc-2017Q1] pkgsrc/lang/go
From: S.P.Zeidler
Date: 2017-05-25 23:11:03
Message id: 20170525211103.4F904FBE4@cvs.NetBSD.org

Log Message:
Pullup ticket #5433 - requested by bsiegert
lang/go: security update

Revisions pulled up:
- lang/go/Makefile                                              1.52
- lang/go/distinfo                                              1.49
- lang/go/version.mk                                            1.26
- lang/go/PLIST                                                 1.31

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	bsiegert
   Date:		Thu May 25 09:06:43 UTC 2017

   Modified Files:
   	pkgsrc/lang/go: Makefile distinfo version.mk

   Log Message:
   SECURITY: Update Go to 1.8.2, fixing CVE-2017-8932,
   carry bug in x86-64 P-256.

   A security-related issue was recently reported in Go's crypto/elliptic package.
   To address this issue, we have just released Go 1.7.6 and Go 1.8.2.

   The Go team would like to thank Vlad Krasnov and Filippo Valsorda at Cloudflare
   for reporting the issue and providing a fix.

   The issue affects Go's P-256 implementation on the 64-bit x86 architecture.

   This is CVE-2017-8932 and was addressed by this change:
   https://golang.org/cl/41070, tracked in this issue:
   https://golang.org/issue/20040

   To generate a diff of this commit:
   cvs rdiff -u -r1.51 -r1.52 pkgsrc/lang/go/Makefile
   cvs rdiff -u -r1.48 -r1.49 pkgsrc/lang/go/distinfo
   cvs rdiff -u -r1.25 -r1.26 pkgsrc/lang/go/version.mk

-------------------------------------------------------------------
   Module Name:	pkgsrc
   Committed By:	wen
   Date:		Sun Apr  9 08:23:43 UTC 2017

   Modified Files:
   	pkgsrc/lang/go: PLIST distinfo version.mk

   Log Message:
   Update to 1.8.1

   Upstream changes:
   go1.8.1 (released 2017/04/07) includes fixes to the compiler, linker, runtime,
   +documentation, go command and the crypto/tls, encoding/xml, image/png, net,
   +net/http, reflect, text/template, and time packages. See the Go 1.8.1 milestone
   +on our issue tracker for details.

   To generate a diff of this commit:
   cvs rdiff -u -r1.30 -r1.31 pkgsrc/lang/go/PLIST
   cvs rdiff -u -r1.44 -r1.45 pkgsrc/lang/go/distinfo
   cvs rdiff -u -r1.23 -r1.24 pkgsrc/lang/go/version.mk

Files:

Revision	Action	file
1.49.2.3	modify	pkgsrc/lang/go/Makefile
1.30.2.1	modify	pkgsrc/lang/go/PLIST
1.44.2.3	modify	pkgsrc/lang/go/distinfo
1.23.2.2	modify	pkgsrc/lang/go/version.mk