From 40b8301d59d9148201d159ed05cd54a7292051f6 Mon Sep 17 00:00:00 2001 From: bsiegert Date: Tue, 13 Jul 2021 10:12:00 +0000 Subject: [PATCH] Update go116 to 1.16.6. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This minor release includes a security fix according to the new security policy. crypto/tls clients can panic when provided a certificate of the wrong type for the negotiated parameters. net/http clients performing HTTPS requests are also affected. The panic can be triggered by an attacker in a privileged network position without access to the server certificate's private key, as long as a trusted ECDSA or Ed25519 certificate for the server exists (or can be issued), or the client is configured with Config.InsecureSkipVerify. Clients that disable all TLS_RSA cipher suites (that is, TLS 1.0–1.2 cipher suites without ECDHE), as well as TLS 1.3-only clients, are unaffected. This is issue 47143 and CVE-2021-34558. Thanks to Imre Rad for reporting this issue. --- lang/go/version.mk | 4 ++-- lang/go116/Makefile | 3 +-- lang/go116/PLIST | 5 ++++- lang/go116/distinfo | 10 +++++----- 4 files changed, 12 insertions(+), 10 deletions(-) diff --git a/lang/go/version.mk b/lang/go/version.mk index f909a4cbb514..eb4406ef671f 100644 --- a/lang/go/version.mk +++ b/lang/go/version.mk @@ -1,4 +1,4 @@ -# $NetBSD: version.mk,v 1.121 2021/07/13 10:05:08 bsiegert Exp $ +# $NetBSD: version.mk,v 1.122 2021/07/13 10:12:00 bsiegert Exp $ # # If bsd.prefs.mk is included before go-package.mk in a package, then this @@ -6,7 +6,7 @@ # .include "go-vars.mk" -GO116_VERSION= 1.16.5 +GO116_VERSION= 1.16.6 GO115_VERSION= 1.15.14 GO110_VERSION= 1.10.8 GO19_VERSION= 1.9.7 diff --git a/lang/go116/Makefile b/lang/go116/Makefile index 9bdaea82e4cd..52cad04c0399 100644 --- a/lang/go116/Makefile +++ b/lang/go116/Makefile @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.5 2021/05/24 19:52:33 wiz Exp $ +# $NetBSD: Makefile,v 1.6 2021/07/13 10:12:00 bsiegert Exp $ -PKGREVISION= 1 .include "../../lang/go/version.mk" .include "../../lang/go/bootstrap.mk" diff --git a/lang/go116/PLIST b/lang/go116/PLIST index 5d6c09d8f0b8..c74c086832ba 100644 --- a/lang/go116/PLIST +++ b/lang/go116/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.6 2021/06/05 12:40:07 bsiegert Exp $ +@comment $NetBSD: PLIST,v 1.7 2021/07/13 10:12:00 bsiegert Exp $ bin/go${GOVERSSUFFIX} bin/gofmt${GOVERSSUFFIX} go116/AUTHORS @@ -9194,6 +9194,9 @@ go116/test/fixedbugs/issue4618.go go116/test/fixedbugs/issue4620.go go116/test/fixedbugs/issue4654.go go116/test/fixedbugs/issue4663.go +go116/test/fixedbugs/issue46653.dir/bad/bad.go +go116/test/fixedbugs/issue46653.dir/main.go +go116/test/fixedbugs/issue46653.go go116/test/fixedbugs/issue4667.go go116/test/fixedbugs/issue4734.go go116/test/fixedbugs/issue4748.go diff --git a/lang/go116/distinfo b/lang/go116/distinfo index 512b239ceed9..d758aefa56ed 100644 --- a/lang/go116/distinfo +++ b/lang/go116/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.8 2021/06/05 12:40:07 bsiegert Exp $ +$NetBSD: distinfo,v 1.9 2021/07/13 10:12:00 bsiegert Exp $ -SHA1 (go1.16.5.src.tar.gz) = b3d00525ea5af180149fafca8da730c6f988f29f -RMD160 (go1.16.5.src.tar.gz) = dfbe9538c56f60215d699b611aac1db182751e5c -SHA512 (go1.16.5.src.tar.gz) = ba90ce1f3faa39519eb5437009c4b710b493e42764a14b0821292a8a17b714fe5985ef20e6e3c340f71cb521ff63d45a23570d38fd752526a1262448c641d544 -Size (go1.16.5.src.tar.gz) = 20921372 bytes +SHA1 (go1.16.6.src.tar.gz) = 047772552a78bb6d20682425e38d43dc4d94ad3f +RMD160 (go1.16.6.src.tar.gz) = 9e8e85819c17977d8b4ffbe6afe8fa00d2946269 +SHA512 (go1.16.6.src.tar.gz) = 82634763dce636c9e9cba1bbf74a669e8b88e6df095e80672f295edb82cc1fc4b8ffde91a1f56c3470f2c4d9ee0404f65146d7478b645890623f6c463513a61f +Size (go1.16.6.src.tar.gz) = 20923044 bytes SHA1 (patch-misc_ios_clangwrap.sh) = 0a06403609cb7bce2e6f65444fd322f486761afe SHA1 (patch-src_cmd_dist_util.go) = 24e6f1b6ded842a8ce322a40e8766f7d344bc47e SHA1 (patch-src_crypto_x509_root__bsd.go) = 27636e0d8c121ccec6c46a3a82cd0e0469473a6e