Contains fixes for:
* CVE-2021-41771: ImportedSymbols in debug/macho (for Open or OpenFat)
accesses a memory location after the end of a buffer
* CVE-2021-41772: archive/zip Reader.Open panic via a crafted ZIP
archive containing an invalid name or an empty filename field
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
include $(TOPDIR)/rules.mk
GO_VERSION_MAJOR_MINOR:=1.17
-GO_VERSION_PATCH:=2
+GO_VERSION_PATCH:=3
PKG_NAME:=golang
PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH))
PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=2255eb3e4e824dd7d5fcdc2e7f84534371c186312e546fb1086a34c17752f431
+PKG_HASH:=705c64251e5b25d5d55ede1039c6aa22bea40a7a931d14c370339853643c3df0
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=BSD-3-Clause