golang: Update to 1.17.7, refresh patch

This includes fixes for:

* CVE-2022-23772: math/big: Rat.SetString may consume large amount of
  RAM and crash

* CVE-2022-23806: crypto/elliptic: IsOnCurve returns true for invalid
  field elements

Signed-off-by: Jeffery To <jeffery.to@gmail.com>

diff --git a/lang/golang/golang/Makefile b/lang/golang/golang/Makefile
index f98ad1d2cb7400a6f298f114dc62b9969ccace2a..b2af6a882ccf7baef4e915b7dab0970a09c9f390 100644 (file)
--- a/lang/golang/golang/Makefile
+++ b/lang/golang/golang/Makefile
@@ -8,7 +8,7 @@
 include $(TOPDIR)/rules.mk
 
 GO_VERSION_MAJOR_MINOR:=1.17
-GO_VERSION_PATCH:=6
+GO_VERSION_PATCH:=7
 
 PKG_NAME:=golang
 PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH))
@@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \
 
 PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
 PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=4dc1bbf3ff61f0c1ff2b19355e6d88151a70126268a47c761477686ef94748c8
+PKG_HASH:=c108cd33b73b1911a02b697741df3dea43e01a5c4e08e409e8b3a0e3745d2b4d
 
 PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
 PKG_LICENSE:=BSD-3-Clause

diff --git a/lang/golang/golang/patches/001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch b/lang/golang/golang/patches/001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch
index bfd861f2245a8d5513d8f1553f5c7c0cac04df31..4d93ad2e452fbafb8deeaa9061e0b111ed1831af 100644 (file)
--- a/lang/golang/golang/patches/001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch
+++ b/lang/golang/golang/patches/001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch
@@ -2,7 +2,7 @@ This is https://github.com/golang/go/pull/49748 backported for Go 1.17.
 
 --- a/src/cmd/link/internal/ld/lib.go
 +++ b/src/cmd/link/internal/ld/lib.go
-@@ -1388,23 +1388,18 @@ func (ctxt *Link) hostlink() {
+@@ -1391,23 +1391,18 @@ func (ctxt *Link) hostlink() {
                }
  
                if ctxt.Arch.InFamily(sys.ARM, sys.ARM64) && buildcfg.GOOS == "linux" {