kumquat-buildroot/package/go
Christian Stewart a94f816e45 package/go: security bump to go1.21.8
Fixes the following CVEs:

CVE-2024-24783: crypto/x509: Verify panics on certificates with an unknown public key algorithm
CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm
CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
CVE-2024-24785: html/template: errors returned from MarshalJSON methods may break template escaping
CVE-2024-24784: net/mail: comments in display names are incorrectly handled

https://go.dev/doc/devel/release#go1.21.8

Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2024-03-06 08:23:51 +01:00
..
0001-build.go-explicit-option-for-crosscompilation.patch
0002-cmd-dist-set-buildvcs-false-when-building-go-bootstr.patch
Config.in.host
go.hash package/go: security bump to go1.21.8 2024-03-06 08:23:51 +01:00
go.mk package/go: security bump to go1.21.8 2024-03-06 08:23:51 +01:00