From: Jeffery To Date: Thu, 18 Nov 2021 19:40:17 +0000 (+0800) Subject: golang: Update to 1.17.3 X-Git-Url: http://git.lede-project.org./?a=commitdiff_plain;h=refs%2Fpull%2F17151%2Fhead;p=feed%2Fpackages.git golang: Update to 1.17.3 Contains fixes for: * CVE-2021-41771: ImportedSymbols in debug/macho (for Open or OpenFat) accesses a memory location after the end of a buffer * CVE-2021-41772: archive/zip Reader.Open panic via a crafted ZIP archive containing an invalid name or an empty filename field Signed-off-by: Jeffery To --- diff --git a/lang/golang/golang/Makefile b/lang/golang/golang/Makefile index a9048186d5..30979fe7c6 100644 --- a/lang/golang/golang/Makefile +++ b/lang/golang/golang/Makefile @@ -8,7 +8,7 @@ include $(TOPDIR)/rules.mk GO_VERSION_MAJOR_MINOR:=1.17 -GO_VERSION_PATCH:=2 +GO_VERSION_PATCH:=3 PKG_NAME:=golang PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH)) @@ -20,7 +20,7 @@ GO_SOURCE_URLS:=https://dl.google.com/go/ \ PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz PKG_SOURCE_URL:=$(GO_SOURCE_URLS) -PKG_HASH:=2255eb3e4e824dd7d5fcdc2e7f84534371c186312e546fb1086a34c17752f431 +PKG_HASH:=705c64251e5b25d5d55ede1039c6aa22bea40a7a931d14c370339853643c3df0 PKG_MAINTAINER:=Jeffery To PKG_LICENSE:=BSD-3-Clause