From 456fa1f1b653831c7ddf896128f3b470391e99ee Mon Sep 17 00:00:00 2001 From: Zephyr Lykos Date: Fri, 8 Mar 2024 12:35:07 +0800 Subject: [PATCH] golang: Update to 1.22.1 Go 1.22.1 contains the following security fixes: - CVE-2024-24783: crypto/x509: Verify panics on certificates with an unknown public key algorithm - CVE-2023-45290 net/http: memory exhaustion in Request.ParseMultipartForm - CVE-2023-45289 net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect - CVE-2024-24785 html/template: errors returned from MarshalJSON methods may break template escaping - CVE-2024-24784 net/mail: comments in display names are incorrectly handled https://go.dev/doc/devel/release#go1.22.1 https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg Signed-off-by: Zephyr Lykos --- lang/golang/golang/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lang/golang/golang/Makefile b/lang/golang/golang/Makefile index f11594f691..8756dcf661 100644 --- a/lang/golang/golang/Makefile +++ b/lang/golang/golang/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk GO_VERSION_MAJOR_MINOR:=1.22 -GO_VERSION_PATCH:=0 +GO_VERSION_PATCH:=1 PKG_NAME:=golang PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH)) @@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \ PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz PKG_SOURCE_URL:=$(GO_SOURCE_URLS) -PKG_HASH:=4d196c3d41a0d6c1dfc64d04e3cc1f608b0c436bd87b7060ce3e23234e1f4d5c +PKG_HASH:=79c9b91d7f109515a25fc3ecdaad125d67e6bdb54f6d4d98580f46799caea321 PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=BSD-3-Clause