projects / feed / packages.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: a561fe0) | patch
golang: Update to 1.15.5
authorJeffery To <jeffery.to@gmail.com>
Sun, 15 Nov 2020 17:57:05 +0000 (01:57 +0800)
committerHannu Nyman <hannu.nyman@iki.fi>
Sun, 15 Nov 2020 19:43:07 +0000 (21:43 +0200)
commitbd38850609027f6ab140894bff7c4f53d8cc6243
tree265d6f609eaa9ab79ebb0125be04089cfad4b976tree | snapshot
parenta561fe0d35c6279fd905c4f3130fd3087ae630f2commit | diff
golang: Update to 1.15.5

This includes security fixes for:
* CVE-2020-28362: panic during recursive division of very large numbers
* CVE-2020-28366: arbitrary code can be injected into cgo generated
  files
* CVE-2020-28367: improper validation of cgo flags can lead to remote
  code execution at build time

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
lang/golang/golang/Makefile diff | blob | history
lang/golang/golang/patches/001-allow-flags-in-CGO_LDFLAGS-environment-variable-not-in-security-allowlist-GH-42567.patch [new file with mode: 0644] blob
Mirror of packages feed