* [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6
@ 2020-12-14 1:53 Jamaluddin, Khairul Rohaizzat
2020-12-14 3:37 ` [OE-core] " Khem Raj
2020-12-14 4:15 ` Anuj Mittal
0 siblings, 2 replies; 5+ messages in thread
From: Jamaluddin, Khairul Rohaizzat @ 2020-12-14 1:53 UTC (permalink / raw)
To: openembedded-core
From: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
update minor version to 1.15.6
go-1.15.3 includes fixes to cgo, the compiler, runtime, the go command, and the bytes, plugin, and testing packages.
go-1.15.4 includes fixes to cgo, the compiler, linker, runtime, and the compress/flate, net/http, reflect, and time packages.
go-1.15.5 includes security fixes to the go command and the math/big package.
go-1.15.6 includes fixes to the compiler, linker, runtime, the go command, and the io package.
References:
https://nvd.nist.gov/vuln/detail/CVE-2020-28362
https://nvd.nist.gov/vuln/detail/CVE-2020-28366
https://nvd.nist.gov/vuln/detail/CVE-2020-28367
https://golang.org/doc/devel/release.html#go1.15.minor
Updates includes fix for:
CVE-2020-28362
CVE-2020-28366
CVE-2020-28367
Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com>
---
meta/recipes-devtools/go/go-1.15.inc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-devtools/go/go-1.15.inc b/meta/recipes-devtools/go/go-1.15.inc
index 97d748b..c5e3fe0 100644
--- a/meta/recipes-devtools/go/go-1.15.inc
+++ b/meta/recipes-devtools/go/go-1.15.inc
@@ -1,7 +1,7 @@
require go-common.inc
GO_BASEVERSION = "1.15"
-GO_MINOR = ".2"
+GO_MINOR = ".6"
PV .= "${GO_MINOR}"
FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
@@ -17,4 +17,4 @@ SRC_URI += "\
file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
"
-SRC_URI[main.sha256sum] = "28bf9d0bcde251011caae230a4a05d917b172ea203f2a62f2c2f9533589d4b4d"
+SRC_URI[main.sha256sum] = "890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817"
--
2.7.4
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [OE-core] [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6
2020-12-14 1:53 [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6 Jamaluddin, Khairul Rohaizzat
@ 2020-12-14 3:37 ` Khem Raj
2020-12-14 6:43 ` Jamaluddin, Khairul Rohaizzat
2020-12-14 4:15 ` Anuj Mittal
1 sibling, 1 reply; 5+ messages in thread
From: Khem Raj @ 2020-12-14 3:37 UTC (permalink / raw)
To: Jamaluddin, Khairul Rohaizzat; +Cc: openembedded-core
[-- Attachment #1: Type: text/plain, Size: 2101 bytes --]
Can you first update it on master and then do needed backport ?
On Sun, Dec 13, 2020 at 5:53 PM Jamaluddin, Khairul Rohaizzat <
khairul.rohaizzat.jamaluddin@intel.com> wrote:
> From: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com
> >
>
> update minor version to 1.15.6
>
> go-1.15.3 includes fixes to cgo, the compiler, runtime, the go command,
> and the bytes, plugin, and testing packages.
> go-1.15.4 includes fixes to cgo, the compiler, linker, runtime, and the
> compress/flate, net/http, reflect, and time packages.
> go-1.15.5 includes security fixes to the go command and the math/big
> package.
> go-1.15.6 includes fixes to the compiler, linker, runtime, the go command,
> and the io package.
>
> References:
> https://nvd.nist.gov/vuln/detail/CVE-2020-28362
> https://nvd.nist.gov/vuln/detail/CVE-2020-28366
> https://nvd.nist.gov/vuln/detail/CVE-2020-28367
> https://golang.org/doc/devel/release.html#go1.15.minor
>
> Updates includes fix for:
> CVE-2020-28362
> CVE-2020-28366
> CVE-2020-28367
>
> Signed-off-by: Khairul Rohaizzat Jamaluddin <
> khairul.rohaizzat.jamaluddin@intel.com>
> ---
> meta/recipes-devtools/go/go-1.15.inc | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/recipes-devtools/go/go-1.15.inc
> b/meta/recipes-devtools/go/go-1.15.inc
> index 97d748b..c5e3fe0 100644
> --- a/meta/recipes-devtools/go/go-1.15.inc
> +++ b/meta/recipes-devtools/go/go-1.15.inc
> @@ -1,7 +1,7 @@
> require go-common.inc
>
> GO_BASEVERSION = "1.15"
> -GO_MINOR = ".2"
> +GO_MINOR = ".6"
> PV .= "${GO_MINOR}"
> FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
>
> @@ -17,4 +17,4 @@ SRC_URI += "\
> file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
> file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
> "
> -SRC_URI[main.sha256sum] =
> "28bf9d0bcde251011caae230a4a05d917b172ea203f2a62f2c2f9533589d4b4d"
> +SRC_URI[main.sha256sum] =
> "890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817"
> --
> 2.7.4
>
>
>
>
>
[-- Attachment #2: Type: text/html, Size: 3173 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [OE-core] [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6
2020-12-14 1:53 [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6 Jamaluddin, Khairul Rohaizzat
2020-12-14 3:37 ` [OE-core] " Khem Raj
@ 2020-12-14 4:15 ` Anuj Mittal
2020-12-14 6:40 ` Jamaluddin, Khairul Rohaizzat
1 sibling, 1 reply; 5+ messages in thread
From: Anuj Mittal @ 2020-12-14 4:15 UTC (permalink / raw)
To: openembedded-core, Jamaluddin, Khairul Rohaizzat
Hi Khairul
On Mon, 2020-12-14 at 09:53 +0800, Jamaluddin, Khairul Rohaizzat wrote:
> From: Khairul Rohaizzat Jamaluddin <
> khairul.rohaizzat.jamaluddin@intel.com>
>
> update minor version to 1.15.6
>
> go-1.15.3 includes fixes to cgo, the compiler, runtime, the go
> command, and the bytes, plugin, and testing packages.
> go-1.15.4 includes fixes to cgo, the compiler, linker, runtime, and
> the compress/flate, net/http, reflect, and time packages.
> go-1.15.5 includes security fixes to the go command and the math/big
> package.
master has 1.15.5 so I would like to cherry-pick those updates from
master instead.
> go-1.15.6 includes fixes to the compiler, linker, runtime, the go
> command, and the io package.
I will cherry-pick 1.15.6 update that you've sent for master once that
is merged there.
Thanks,
Anuj
>
> References:
> https://nvd.nist.gov/vuln/detail/CVE-2020-28362
> https://nvd.nist.gov/vuln/detail/CVE-2020-28366
> https://nvd.nist.gov/vuln/detail/CVE-2020-28367
> https://golang.org/doc/devel/release.html#go1.15.minor
>
> Updates includes fix for:
> CVE-2020-28362
> CVE-2020-28366
> CVE-2020-28367
>
> Signed-off-by: Khairul Rohaizzat Jamaluddin <
> khairul.rohaizzat.jamaluddin@intel.com>
> ---
> meta/recipes-devtools/go/go-1.15.inc | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/recipes-devtools/go/go-1.15.inc b/meta/recipes-
> devtools/go/go-1.15.inc
> index 97d748b..c5e3fe0 100644
> --- a/meta/recipes-devtools/go/go-1.15.inc
> +++ b/meta/recipes-devtools/go/go-1.15.inc
> @@ -1,7 +1,7 @@
> require go-common.inc
>
> GO_BASEVERSION = "1.15"
> -GO_MINOR = ".2"
> +GO_MINOR = ".6"
> PV .= "${GO_MINOR}"
> FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
>
> @@ -17,4 +17,4 @@ SRC_URI += "\
> file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
> file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
> "
> -SRC_URI[main.sha256sum] =
> "28bf9d0bcde251011caae230a4a05d917b172ea203f2a62f2c2f9533589d4b4d"
> +SRC_URI[main.sha256sum] =
> "890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817"
>
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [OE-core] [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6
2020-12-14 4:15 ` Anuj Mittal
@ 2020-12-14 6:40 ` Jamaluddin, Khairul Rohaizzat
0 siblings, 0 replies; 5+ messages in thread
From: Jamaluddin, Khairul Rohaizzat @ 2020-12-14 6:40 UTC (permalink / raw)
To: Mittal, Anuj, openembedded-core
Hi Anuj,
Duly noted. Please do proceed as needed.
Thank you & Kind regards,
Khairul
-----Original Message-----
From: Mittal, Anuj <anuj.mittal@intel.com>
Sent: Monday, December 14, 2020 12:15 PM
To: openembedded-core@lists.openembedded.org; Jamaluddin, Khairul Rohaizzat <khairul.rohaizzat.jamaluddin@intel.com>
Subject: Re: [OE-core] [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6
Hi Khairul
On Mon, 2020-12-14 at 09:53 +0800, Jamaluddin, Khairul Rohaizzat wrote:
> From: Khairul Rohaizzat Jamaluddin <
> khairul.rohaizzat.jamaluddin@intel.com>
>
> update minor version to 1.15.6
>
> go-1.15.3 includes fixes to cgo, the compiler, runtime, the go
> command, and the bytes, plugin, and testing packages.
> go-1.15.4 includes fixes to cgo, the compiler, linker, runtime, and
> the compress/flate, net/http, reflect, and time packages.
> go-1.15.5 includes security fixes to the go command and the math/big
> package.
master has 1.15.5 so I would like to cherry-pick those updates from master instead.
> go-1.15.6 includes fixes to the compiler, linker, runtime, the go
> command, and the io package.
I will cherry-pick 1.15.6 update that you've sent for master once that is merged there.
Thanks,
Anuj
>
> References:
> https://nvd.nist.gov/vuln/detail/CVE-2020-28362
> https://nvd.nist.gov/vuln/detail/CVE-2020-28366
> https://nvd.nist.gov/vuln/detail/CVE-2020-28367
> https://golang.org/doc/devel/release.html#go1.15.minor
>
> Updates includes fix for:
> CVE-2020-28362
> CVE-2020-28366
> CVE-2020-28367
>
> Signed-off-by: Khairul Rohaizzat Jamaluddin <
> khairul.rohaizzat.jamaluddin@intel.com>
> ---
> meta/recipes-devtools/go/go-1.15.inc | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/recipes-devtools/go/go-1.15.inc b/meta/recipes-
> devtools/go/go-1.15.inc index 97d748b..c5e3fe0 100644
> --- a/meta/recipes-devtools/go/go-1.15.inc
> +++ b/meta/recipes-devtools/go/go-1.15.inc
> @@ -1,7 +1,7 @@
> require go-common.inc
>
> GO_BASEVERSION = "1.15"
> -GO_MINOR = ".2"
> +GO_MINOR = ".6"
> PV .= "${GO_MINOR}"
> FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
>
> @@ -17,4 +17,4 @@ SRC_URI += "\
> file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
> file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ "
> -SRC_URI[main.sha256sum] =
> "28bf9d0bcde251011caae230a4a05d917b172ea203f2a62f2c2f9533589d4b4d"
> +SRC_URI[main.sha256sum] =
> "890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817"
>
>
>
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [OE-core] [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6
2020-12-14 3:37 ` [OE-core] " Khem Raj
@ 2020-12-14 6:43 ` Jamaluddin, Khairul Rohaizzat
0 siblings, 0 replies; 5+ messages in thread
From: Jamaluddin, Khairul Rohaizzat @ 2020-12-14 6:43 UTC (permalink / raw)
To: Khem Raj; +Cc: openembedded-core
[-- Attachment #1: Type: text/plain, Size: 2635 bytes --]
Hi Raj,
Duly noted.
The update to master have been submitted, waiting for review.
Anuj will be cherry picking the updates for gatesgarth with his submission afterward.
Apologies for the little confusion..
Thank you & Kind regards,
Khairul
From: Khem Raj <raj.khem@gmail.com>
Sent: Monday, December 14, 2020 11:37 AM
To: Jamaluddin, Khairul Rohaizzat <khairul.rohaizzat.jamaluddin@intel.com>
Cc: openembedded-core@lists.openembedded.org
Subject: Re: [OE-core] [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6
Can you first update it on master and then do needed backport ?
On Sun, Dec 13, 2020 at 5:53 PM Jamaluddin, Khairul Rohaizzat <khairul.rohaizzat.jamaluddin@intel.com<mailto:khairul.rohaizzat.jamaluddin@intel.com>> wrote:
From: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com<mailto:khairul.rohaizzat.jamaluddin@intel.com>>
update minor version to 1.15.6
go-1.15.3 includes fixes to cgo, the compiler, runtime, the go command, and the bytes, plugin, and testing packages.
go-1.15.4 includes fixes to cgo, the compiler, linker, runtime, and the compress/flate, net/http, reflect, and time packages.
go-1.15.5 includes security fixes to the go command and the math/big package.
go-1.15.6 includes fixes to the compiler, linker, runtime, the go command, and the io package.
References:
https://nvd.nist.gov/vuln/detail/CVE-2020-28362
https://nvd.nist.gov/vuln/detail/CVE-2020-28366
https://nvd.nist.gov/vuln/detail/CVE-2020-28367
https://golang.org/doc/devel/release.html#go1.15.minor
Updates includes fix for:
CVE-2020-28362
CVE-2020-28366
CVE-2020-28367
Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com<mailto:khairul.rohaizzat.jamaluddin@intel.com>>
---
meta/recipes-devtools/go/go-1.15.inc | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/meta/recipes-devtools/go/go-1.15.inc b/meta/recipes-devtools/go/go-1.15.inc
index 97d748b..c5e3fe0 100644
--- a/meta/recipes-devtools/go/go-1.15.inc
+++ b/meta/recipes-devtools/go/go-1.15.inc
@@ -1,7 +1,7 @@
require go-common.inc
GO_BASEVERSION = "1.15"
-GO_MINOR = ".2"
+GO_MINOR = ".6"
PV .= "${GO_MINOR}"
FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:"
@@ -17,4 +17,4 @@ SRC_URI += "\
file://0007-cmd-go-make-GOROOT-precious-by-default.patch \
file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
"
-SRC_URI[main.sha256sum] = "28bf9d0bcde251011caae230a4a05d917b172ea203f2a62f2c2f9533589d4b4d"
+SRC_URI[main.sha256sum] = "890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817"
--
2.7.4
[-- Attachment #2: Type: text/html, Size: 6130 bytes --]
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2020-12-14 6:43 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-12-14 1:53 [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6 Jamaluddin, Khairul Rohaizzat
2020-12-14 3:37 ` [OE-core] " Khem Raj
2020-12-14 6:43 ` Jamaluddin, Khairul Rohaizzat
2020-12-14 4:15 ` Anuj Mittal
2020-12-14 6:40 ` Jamaluddin, Khairul Rohaizzat
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.