golang: Update to 1.17.3

Contains fixes for: * CVE-2021-41771: ImportedSymbols in debug/macho (for Open or OpenFat) accesses a memory location after the end of a buffer * CVE-2021-41772: archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field Signed-off-by: Jeffery To <jeffery.to@gmail.com>
2021-11-19 03:40:17 +08:00 · 2021-11-19 03:40:17 +08:00 · 901f80aae7
parent 8c1d7f0733
commit 901f80aae7
1 changed files with 2 additions and 2 deletions
--- a/lang/golang/golang/Makefile
+++ b/lang/golang/golang/Makefile
@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk

 GO_VERSION_MAJOR_MINOR:=1.17
-GO_VERSION_PATCH:=2
+GO_VERSION_PATCH:=3

 PKG_NAME:=golang
 PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH))
@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \

 PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
 PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=2255eb3e4e824dd7d5fcdc2e7f84534371c186312e546fb1086a34c17752f431
+PKG_HASH:=705c64251e5b25d5d55ede1039c6aa22bea40a7a931d14c370339853643c3df0

 PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
 PKG_LICENSE:=BSD-3-Clause