package/go: security bump to version 1.15.15

Fixes the following security issues:

- CVE-2021-34558: crypto/tls clients can panic when provided a certificate
of the wrong type for the negotiated parameters. net/http clients
performing HTTPS requests are also affected. The panic can be triggered
by an attacker in a privileged network position without access to the
server certificate's private key, as long as a trusted ECDSA or Ed25519
certificate for the server exists (or can be issued), or the client is
configured with Config.InsecureSkipVerify. Clients that disable all
TLS_RSA cipher suites (that is, TLS 1.0–1.2 cipher suites without ECDHE),
as well as TLS 1.3-only clients, are unaffected.

- CVE-2021-36221: A net/http/httputil ReverseProxy can panic due to a race
condition if its Handler aborts with ErrAbortHandler, for example due to
an error in copying the response body. An attacker might be able to force
the conditions leading to the race condition.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
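
The client configurations that the CVE-2021-34558 entry describes as unaffected, sketched in Go as an added example (not part of this commit or of the Go project's code). The helper names `ecdheOnlySuites`, `supports` and `clientConfig` are hypothetical; only `crypto/tls` standard-library calls are used.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"strings"
)

// ecdheOnlySuites (hypothetical helper) returns the TLS 1.0-1.2 cipher suite
// IDs from tls.CipherSuites(), minus every RSA key exchange suite, i.e. every
// suite whose name starts with "TLS_RSA_". TLS 1.3 suites are skipped because
// Config.CipherSuites does not control them.
func ecdheOnlySuites() []uint16 {
	var ids []uint16
	for _, cs := range tls.CipherSuites() {
		if strings.HasPrefix(cs.Name, "TLS_RSA_") || !supports(cs, tls.VersionTLS12) {
			continue
		}
		ids = append(ids, cs.ID)
	}
	return ids
}

// supports reports whether the suite can be negotiated at the given version.
func supports(cs *tls.CipherSuite, version uint16) bool {
	for _, v := range cs.SupportedVersions {
		if v == version {
			return true
		}
	}
	return false
}

// clientConfig (hypothetical helper) builds a client config matching one of
// the two unaffected cases: TLS 1.3 only, or TLS 1.2 without TLS_RSA suites.
// InsecureSkipVerify is left at its default (false) in both cases.
func clientConfig(tls13Only bool) *tls.Config {
	if tls13Only {
		return &tls.Config{MinVersion: tls.VersionTLS13}
	}
	return &tls.Config{MinVersion: tls.VersionTLS12, CipherSuites: ecdheOnlySuites()}
}

func main() {
	// Print the suites a TLS 1.2 client built this way would offer.
	for _, id := range clientConfig(false).CipherSuites {
		fmt.Println(tls.CipherSuiteName(id))
	}
}
```
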