NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
33e5043eba
kumquat-buildroot/package/go
History
Christian Stewart 5d95b4d90d package/go: security bump to version 1.21.1 
go1.21.1 (released 2023-09-06) includes four security fixes to the cmd/go,
crypto/tls, and html/template packages, as well as bug fixes to the compiler,
the go command, the linker, the runtime, and the context, crypto/tls,
encoding/gob, encoding/xml, go/types, net/http, os, and path/filepath packages.

Security fixes:

CVE-2023-39320: cmd/go: go.mod toolchain directive allows arbitrary execution
CVE-2023-39318: html/template: improper handling of HTML-like comments within script contexts
CVE-2023-39319: html/template: improper handling of special tags within script contexts
CVE-2023-39321: crypto/tls: panic when processing post-handshake message on QUIC connections

https://go.dev/doc/devel/release#go1.21.0

Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-09-08 12:20:10 +02:00
..
0001-build.go-explicit-option-for-crosscompilation.patch
0002-cmd-dist-set-buildvcs-false-when-building-go-bootstr.patch package/go: adjust Upstream header in patch 2023-07-28 22:09:22 +02:00
Config.in.host package/go: adjust comments 2023-07-22 23:00:06 +02:00
go.hash package/go: security bump to version 1.21.1 2023-09-08 12:20:10 +02:00
go.mk package/go: security bump to version 1.21.1 2023-09-08 12:20:10 +02:00