All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH 1/1] go: security bump to 1.11.5
@ 2019-01-24  8:16 Christian Stewart
  2019-01-24  9:04 ` Anisse Astier
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Christian Stewart @ 2019-01-24  8:16 UTC (permalink / raw)
  To: buildroot

Go 1.11.5 addresses a reported security issue, CVE-2019-6486.

Signed-off-by: Christian Stewart <christian@paral.in>
---
 package/go/go.hash | 2 +-
 package/go/go.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/go/go.hash b/package/go/go.hash
index ee1c881e6a..29891399c3 100644
--- a/package/go/go.hash
+++ b/package/go/go.hash
@@ -1,3 +1,3 @@
 # From https://golang.org/dl/
-sha256	4cfd42720a6b1e79a8024895fa6607b69972e8e32446df76d6ce79801bbadb15  go1.11.4.src.tar.gz
+sha256	bc1ef02bb1668835db1390a2e478dcbccb5dd16911691af9d75184bbe5aa943e  go1.11.5.src.tar.gz
 sha256	2d36597f7117c38b006835ae7f537487207d8ec407aa9d9980794b2030cbc067  LICENSE
diff --git a/package/go/go.mk b/package/go/go.mk
index 0d7b961dda..7755a3f785 100644
--- a/package/go/go.mk
+++ b/package/go/go.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-GO_VERSION = 1.11.4
+GO_VERSION = 1.11.5
 GO_SITE = https://storage.googleapis.com/golang
 GO_SOURCE = go$(GO_VERSION).src.tar.gz
 
-- 
2.19.2

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [Buildroot] [PATCH 1/1] go: security bump to 1.11.5
  2019-01-24  8:16 [Buildroot] [PATCH 1/1] go: security bump to 1.11.5 Christian Stewart
@ 2019-01-24  9:04 ` Anisse Astier
  2019-01-24  9:46 ` Peter Korsgaard
  2019-01-29 21:05 ` Peter Korsgaard
  2 siblings, 0 replies; 4+ messages in thread
From: Anisse Astier @ 2019-01-24  9:04 UTC (permalink / raw)
  To: buildroot

On Thu, Jan 24, 2019 at 12:16:33AM -0800, Christian Stewart wrote:
> Go 1.11.5 addresses a reported security issue, CVE-2019-6486.
> 
> Signed-off-by: Christian Stewart <christian@paral.in>
> ---
>  package/go/go.hash | 2 +-
>  package/go/go.mk   | 2 +-
>  2 files changed, 2 insertions(+), 2 deletions(-)
> 
Thanks Christian, that was fast ! To be fair, the issue seems severe
enough (remote DoS).

Acked-by: Anisse Astier <anisse@astier.eu>

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [Buildroot] [PATCH 1/1] go: security bump to 1.11.5
  2019-01-24  8:16 [Buildroot] [PATCH 1/1] go: security bump to 1.11.5 Christian Stewart
  2019-01-24  9:04 ` Anisse Astier
@ 2019-01-24  9:46 ` Peter Korsgaard
  2019-01-29 21:05 ` Peter Korsgaard
  2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2019-01-24  9:46 UTC (permalink / raw)
  To: buildroot

>>>>> "Christian" == Christian Stewart <christian@paral.in> writes:

 > Go 1.11.5 addresses a reported security issue, CVE-2019-6486.
 > Signed-off-by: Christian Stewart <christian@paral.in>

Committed, thanks.

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [Buildroot] [PATCH 1/1] go: security bump to 1.11.5
  2019-01-24  8:16 [Buildroot] [PATCH 1/1] go: security bump to 1.11.5 Christian Stewart
  2019-01-24  9:04 ` Anisse Astier
  2019-01-24  9:46 ` Peter Korsgaard
@ 2019-01-29 21:05 ` Peter Korsgaard
  2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2019-01-29 21:05 UTC (permalink / raw)
  To: buildroot

>>>>> "Christian" == Christian Stewart <christian@paral.in> writes:

 > Go 1.11.5 addresses a reported security issue, CVE-2019-6486.
 > Signed-off-by: Christian Stewart <christian@paral.in>

Committed to 2018.11.x, thanks.

We use go 1.9.7 on the 2018.02.x branch. It is not really clear to me if
1.9.x is also affected?

-- 
Bye, Peter Korsgaard

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-01-29 21:05 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-24  8:16 [Buildroot] [PATCH 1/1] go: security bump to 1.11.5 Christian Stewart
2019-01-24  9:04 ` Anisse Astier
2019-01-24  9:46 ` Peter Korsgaard
2019-01-29 21:05 ` Peter Korsgaard

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.