golang: update to version 1.18.8
Fixes following CVEs:
- CVE-2022-32189 (version 1.18.5 [1]]
- CVE-2022-27664 (version 1.18.6 [2])
- CVE-2022-32190 (version 1.18.6 [2])
- CVE-2022-2879 (version 1.18.7 [3])
- CVE-2022-2880 (version 1.18.7 [3])
- CVE-2022-41715 (version 1.18.7 [3])
- CVE-2022-41716 (version 1.18.8 [4])
and refreshed patch
[1] https://groups.google.com/g/golang-announce/c/YqYYG87xB10
[2] https://groups.google.com/g/golang-announce/c/x49AQzIVX-s
[3] https://groups.google.com/g/golang-announce/c/xtuG5faxtaU
[4] https://groups.google.com/g/golang-announce/c/mbHY1UY3BaM
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit
c33c2d886918cfbc1af8d60cbb530ba563084b67)
projects / feed / packages.git / commit