package/go: security bump to version 1.22.7

Fixes the following CVEs: CVE-2024-34155: go/parser: stack exhaustion in all Parse* functions CVE-2024-34156: encoding/gob: stack exhaustion in Decoder.Decode CVE-2024-34158: go/build/constraint: stack exhaustion in Parse https://go.dev/doc/devel/release#go1.22.7 Signed-off-by: Christian Stewart <christian@aperture.us> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> (cherry picked from commit 8d371dbe55ea641f7afa3c00ea6475012b8e84fc) Signed-off-by: Peter Korsgaard <peter@korsgaard.com> (cherry picked from commit 66425c8e1485b83551bb0d8704a01521ed5309e9) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-09-11 21:18:58 +00:00 · 2024-09-11 21:18:58 +00:00 · b2c193295b
commit b2c193295b
parent 2a1114efd6
2 changed files with 2 additions and 2 deletions
--- a/package/go/go.hash
+++ b/package/go/go.hash
@ -1,3 +1,3 @@
 # From https://go.dev/dl
-sha256  ac9c723f224969aee624bc34fd34c9e13f2a212d75c71c807de644bb46e112f6  go1.22.5.src.tar.gz
+sha256  66432d87d85e0cfac3edffe637d5930fc4ddf5793313fe11e4a0f333023c879f  go1.22.7.src.tar.gz
 sha256  2d36597f7117c38b006835ae7f537487207d8ec407aa9d9980794b2030cbc067  LICENSE
--- a/package/go/go.mk
+++ b/package/go/go.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-GO_VERSION = 1.22.5
+GO_VERSION = 1.22.7
 GO_SITE = https://storage.googleapis.com/golang
 GO_SOURCE = go$(GO_VERSION).src.tar.gz