Browse Source

golang: Update to 1.16.5

1.16.1 included fixes for:

* CVE-2021-27918 - encoding/xml: infinite loop when using
  xml.NewTokenDecoder with a custom TokenReader
* CVE-2021-27919 - archive/zip: can panic when calling Reader.Open

1.16.4 included fixes for:

* CVE-2021-31525 - net/http: ReadRequest can stack overflow due to
  recursion with very large headers

1.16.5 includes fixes for:

* CVE-2021-33195 - net: Lookup functions may return invalid host names
* CVE-2021-33196 - archive/zip: malformed archive may cause panic or
  memory exhaustion
* CVE-2021-33197 - net/http/httputil: ReverseProxy forwards Connection
  headers if first one is empty

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
lilik-openwrt-22.03
Jeffery To 4 years ago
parent
commit
fe3c49fe07
No known key found for this signature in database GPG Key ID: C616D9E719E868E4
1 changed files with 2 additions and 2 deletions
  1. +2
    -2
      lang/golang/golang/Makefile

+ 2
- 2
lang/golang/golang/Makefile View File

@ -8,7 +8,7 @@
include $(TOPDIR)/rules.mk
GO_VERSION_MAJOR_MINOR:=1.16
GO_VERSION_PATCH:=
GO_VERSION_PATCH:=5
PKG_NAME:=golang
PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH))
@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \
PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
PKG_HASH:=7688063d55656105898f323d90a79a39c378d86fe89ae192eb3b7fc46347c95a
PKG_HASH:=7bfa7e5908c7cc9e75da5ddf3066d7cbcf3fd9fa51945851325eebc17f50ba80
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=BSD-3-Clause


Loading…
Cancel
Save