golang: Update to 1.20.5

Includes fixes for:

* CVE-2023-29402: cmd/go: cgo code injection
* CVE-2023-29403: runtime: unexpected behavior of setuid/setgid binaries
* CVE-2023-29404: cmd/go: improper sanitization of LDFLAGS
* CVE-2023-29405: cmd/go: improper sanitization of LDFLAGS

Signed-off-by: Jeffery To <jeffery.to@gmail.com>

diff --git a/lang/golang/golang/Makefile b/lang/golang/golang/Makefile
index a467e08faf9c99987d44f7ea6fd7c74709cc84f7..c9e385c870717cf3eccb204eb3a80148202f26dc 100644 (file)
--- a/lang/golang/golang/Makefile
+++ b/lang/golang/golang/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 GO_VERSION_MAJOR_MINOR:=1.20
-GO_VERSION_PATCH:=4
+GO_VERSION_PATCH:=5
 
 PKG_NAME:=golang
 PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH))
@@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \
 
 PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
 PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=9f34ace128764b7a3a4b238b805856cc1b2184304df9e5690825b0710f4202d6
+PKG_HASH:=9a15c133ba2cfafe79652f4815b62e7cfc267f68df1b9454c6ab2a3ca8b96a88
 
 PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
 PKG_LICENSE:=BSD-3-Clause