* [Buildroot] [PATCH 1/1] go: security bump to 1.11.5
@ 2019-01-24 8:16 Christian Stewart
2019-01-24 9:04 ` Anisse Astier
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Christian Stewart @ 2019-01-24 8:16 UTC (permalink / raw)
To: buildroot
Go 1.11.5 addresses a reported security issue, CVE-2019-6486.
Signed-off-by: Christian Stewart <christian@paral.in>
---
package/go/go.hash | 2 +-
package/go/go.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/go/go.hash b/package/go/go.hash
index ee1c881e6a..29891399c3 100644
--- a/package/go/go.hash
+++ b/package/go/go.hash
@@ -1,3 +1,3 @@
# From https://golang.org/dl/
-sha256 4cfd42720a6b1e79a8024895fa6607b69972e8e32446df76d6ce79801bbadb15 go1.11.4.src.tar.gz
+sha256 bc1ef02bb1668835db1390a2e478dcbccb5dd16911691af9d75184bbe5aa943e go1.11.5.src.tar.gz
sha256 2d36597f7117c38b006835ae7f537487207d8ec407aa9d9980794b2030cbc067 LICENSE
diff --git a/package/go/go.mk b/package/go/go.mk
index 0d7b961dda..7755a3f785 100644
--- a/package/go/go.mk
+++ b/package/go/go.mk
@@ -4,7 +4,7 @@
#
################################################################################
-GO_VERSION = 1.11.4
+GO_VERSION = 1.11.5
GO_SITE = https://storage.googleapis.com/golang
GO_SOURCE = go$(GO_VERSION).src.tar.gz
--
2.19.2
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [Buildroot] [PATCH 1/1] go: security bump to 1.11.5
2019-01-24 8:16 [Buildroot] [PATCH 1/1] go: security bump to 1.11.5 Christian Stewart
@ 2019-01-24 9:04 ` Anisse Astier
2019-01-24 9:46 ` Peter Korsgaard
2019-01-29 21:05 ` Peter Korsgaard
2 siblings, 0 replies; 4+ messages in thread
From: Anisse Astier @ 2019-01-24 9:04 UTC (permalink / raw)
To: buildroot
On Thu, Jan 24, 2019 at 12:16:33AM -0800, Christian Stewart wrote:
> Go 1.11.5 addresses a reported security issue, CVE-2019-6486.
>
> Signed-off-by: Christian Stewart <christian@paral.in>
> ---
> package/go/go.hash | 2 +-
> package/go/go.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
Thanks Christian, that was fast ! To be fair, the issue seems severe
enough (remote DoS).
Acked-by: Anisse Astier <anisse@astier.eu>
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Buildroot] [PATCH 1/1] go: security bump to 1.11.5
2019-01-24 8:16 [Buildroot] [PATCH 1/1] go: security bump to 1.11.5 Christian Stewart
2019-01-24 9:04 ` Anisse Astier
@ 2019-01-24 9:46 ` Peter Korsgaard
2019-01-29 21:05 ` Peter Korsgaard
2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2019-01-24 9:46 UTC (permalink / raw)
To: buildroot
>>>>> "Christian" == Christian Stewart <christian@paral.in> writes:
> Go 1.11.5 addresses a reported security issue, CVE-2019-6486.
> Signed-off-by: Christian Stewart <christian@paral.in>
Committed, thanks.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 4+ messages in thread
* [Buildroot] [PATCH 1/1] go: security bump to 1.11.5
2019-01-24 8:16 [Buildroot] [PATCH 1/1] go: security bump to 1.11.5 Christian Stewart
2019-01-24 9:04 ` Anisse Astier
2019-01-24 9:46 ` Peter Korsgaard
@ 2019-01-29 21:05 ` Peter Korsgaard
2 siblings, 0 replies; 4+ messages in thread
From: Peter Korsgaard @ 2019-01-29 21:05 UTC (permalink / raw)
To: buildroot
>>>>> "Christian" == Christian Stewart <christian@paral.in> writes:
> Go 1.11.5 addresses a reported security issue, CVE-2019-6486.
> Signed-off-by: Christian Stewart <christian@paral.in>
Committed to 2018.11.x, thanks.
We use go 1.9.7 on the 2018.02.x branch. It is not really clear to me if
1.9.x is also affected?
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2019-01-29 21:05 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-01-24 8:16 [Buildroot] [PATCH 1/1] go: security bump to 1.11.5 Christian Stewart
2019-01-24 9:04 ` Anisse Astier
2019-01-24 9:46 ` Peter Korsgaard
2019-01-29 21:05 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.