Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

golang: Update to 1.16.5

Browse source 
1.16.1 included fixes for:

* CVE-2021-27918 - encoding/xml: infinite loop when using
  xml.NewTokenDecoder with a custom TokenReader
* CVE-2021-27919 - archive/zip: can panic when calling Reader.Open

1.16.4 included fixes for:

* CVE-2021-31525 - net/http: ReadRequest can stack overflow due to
  recursion with very large headers

1.16.5 includes fixes for:

* CVE-2021-33195 - net: Lookup functions may return invalid host names
* CVE-2021-33196 - archive/zip: malformed archive may cause panic or
  memory exhaustion
* CVE-2021-33197 - net/http/httputil: ReverseProxy forwards Connection
  headers if first one is empty

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit fe3c49fe07)
This commit is contained in:
Jeffery To 2021-06-11 16:26:56 +08:00
parent 5342be8198
commit 7f2db681f1
No known key found for this signature in database
GPG key ID: C616D9E719E868E4
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
lang/golang/golang/Makefile
View file

@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
GO_VERSION_MAJOR_MINOR:=1.16
GO_VERSION_PATCH:=
GO_VERSION_PATCH:=5
PKG_NAME:=golang
PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH))
@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \
PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
PKG_HASH:=7688063d55656105898f323d90a79a39c378d86fe89ae192eb3b7fc46347c95a
PKG_HASH:=7bfa7e5908c7cc9e75da5ddf3066d7cbcf3fd9fa51945851325eebc17f50ba80
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=BSD-3-Clause