Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits))
	(Client CN "mail.NetBSD.org", Issuer "mail.NetBSD.org CA" (not verified))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 5115E1A923A
	for <mhonarc+pkgsrc-changes@mail-index.netbsd.org>; Thu,  9 Dec 2021 17:25:59 +0000 (UTC)
Received: by mail.netbsd.org (Postfix, from userid 605)
	id A364D84E81; Thu,  9 Dec 2021 17:25:58 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by mail.netbsd.org (Postfix) with ESMTP id 8DE9384D1C
	for <pkgsrc-changes@NetBSD.org>; Thu,  9 Dec 2021 17:25:57 +0000 (UTC)
X-Virus-Scanned: amavisd-new at netbsd.org
Received: from mail.netbsd.org ([IPv6:::1])
	by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025)
	with ESMTP id XZG3hg9wh6Ny for <pkgsrc-changes@netbsd.org>;
	Thu,  9 Dec 2021 17:25:56 +0000 (UTC)
Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197])
	by mail.netbsd.org (Postfix) with ESMTP id B381384D21
	for <pkgsrc-changes@NetBSD.org>; Thu,  9 Dec 2021 17:25:56 +0000 (UTC)
Received: by cvs.NetBSD.org (Postfix, from userid 500)
	id AC048FAEC; Thu,  9 Dec 2021 17:25:56 +0000 (UTC)
Content-Transfer-Encoding: 7bit
Content-Type: multipart/mixed; boundary="_----------=_163907075629130"
MIME-Version: 1.0
Date: Thu, 9 Dec 2021 17:25:56 +0000
From: "Benny Siegert" <bsiegert@netbsd.org>
Subject: CVS commit: pkgsrc/lang
To: pkgsrc-changes@NetBSD.org
Reply-To: bsiegert@netbsd.org
X-Mailer: log_accum
Message-Id: <20211209172556.AC048FAEC@cvs.NetBSD.org>
Sender: pkgsrc-changes-owner@NetBSD.org
List-Id: <pkgsrc-changes.NetBSD.org>
Precedence: bulk
List-Unsubscribe: <mailto:majordomo@NetBSD.org?subject=Unsubscribe%20pkgsrc-changes&body=unsubscribe%20pkgsrc-changes>

This is a multi-part message in MIME format.

--_----------=_163907075629130
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
Content-Type: text/plain; charset="US-ASCII"

Module Name:	pkgsrc
Committed By:	bsiegert
Date:		Thu Dec  9 17:25:56 UTC 2021

Modified Files:
	pkgsrc/lang/go: version.mk
	pkgsrc/lang/go117: PLIST distinfo

Log Message:
Update go117 to 1.17.5.

go1.17.4 (released 2021-12-02) includes fixes to the compiler, linker, runtime,
and the go/types, net/http, and time packages. See the Go 1.17.4 milestone on
our issue tracker for details.

go1.17.5 (released 2021-12-09) includes security fixes to the syscall and
net/http packages. See the Go 1.17.5 milestone on our issue tracker for
details.

When a Go program running on a Unix system is out of file descriptors and calls
syscall.ForkExec (including indirectly by using the os/exec package),
syscall.ForkExec can close file descriptor 0 as it fails. If this happens (or
can be provoked) repeatedly, it can result in misdirected I/O such as writing
network traffic intended for one connection to a different connection, or
content intended for one file to a different one.

This is CVE-2021-44717 and is fixed in Go 1.17.5 and Go 1.16.12.

An attacker can cause unbounded memory growth in a Go server accepting HTTP/2
requests.

This is CVE-2021-44716 and is fixed in Go 1.17.5 and Go 1.16.12.


To generate a diff of this commit:
cvs rdiff -u -r1.136 -r1.137 pkgsrc/lang/go/version.mk
cvs rdiff -u -r1.3 -r1.4 pkgsrc/lang/go117/PLIST
cvs rdiff -u -r1.10 -r1.11 pkgsrc/lang/go117/distinfo

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


--_----------=_163907075629130
Content-Disposition: inline
Content-Length: 3541
Content-Transfer-Encoding: binary
Content-Type: text/x-diff; charset=us-ascii

Modified files:

Index: pkgsrc/lang/go/version.mk
diff -u pkgsrc/lang/go/version.mk:1.136 pkgsrc/lang/go/version.mk:1.137
--- pkgsrc/lang/go/version.mk:1.136	Thu Dec  9 17:13:49 2021
+++ pkgsrc/lang/go/version.mk	Thu Dec  9 17:25:56 2021
@@ -1,4 +1,4 @@
-# $NetBSD: version.mk,v 1.136 2021/12/09 17:13:49 bsiegert Exp $
+# $NetBSD: version.mk,v 1.137 2021/12/09 17:25:56 bsiegert Exp $
 
 #
 # If bsd.prefs.mk is included before go-package.mk in a package, then this
@@ -6,7 +6,7 @@
 #
 .include "go-vars.mk"
 
-GO117_VERSION=	1.17.3
+GO117_VERSION=	1.17.5
 GO116_VERSION=	1.16.12
 GO110_VERSION=	1.10.8
 GO19_VERSION=	1.9.7

Index: pkgsrc/lang/go117/PLIST
diff -u pkgsrc/lang/go117/PLIST:1.3 pkgsrc/lang/go117/PLIST:1.4
--- pkgsrc/lang/go117/PLIST:1.3	Fri Nov  5 19:35:00 2021
+++ pkgsrc/lang/go117/PLIST	Thu Dec  9 17:25:56 2021
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.3 2021/11/05 19:35:00 bsiegert Exp $
+@comment $NetBSD: PLIST,v 1.4 2021/12/09 17:25:56 bsiegert Exp $
 bin/go${GOVERSSUFFIX}
 bin/gofmt${GOVERSSUFFIX}
 go117/AUTHORS
@@ -4987,6 +4987,7 @@ go117/src/go/types/testdata/fixedbugs/is
 go117/src/go/types/testdata/fixedbugs/issue45985.go2
 go117/src/go/types/testdata/fixedbugs/issue46403.src
 go117/src/go/types/testdata/fixedbugs/issue46404.go1
+go117/src/go/types/testdata/fixedbugs/issue48819.src
 go117/src/go/types/testdata/fixedbugs/issue6977.src
 go117/src/go/types/token_test.go
 go117/src/go/types/type.go
@@ -10013,6 +10014,7 @@ go117/test/fixedbugs/issue48088.dir/a.go
 go117/test/fixedbugs/issue48088.dir/b.go
 go117/test/fixedbugs/issue48088.go
 go117/test/fixedbugs/issue4813.go
+go117/test/fixedbugs/issue48289.go
 go117/test/fixedbugs/issue4847.go
 go117/test/fixedbugs/issue48473.go
 go117/test/fixedbugs/issue48476.go
@@ -10021,10 +10023,13 @@ go117/test/fixedbugs/issue4879.dir/b.go
 go117/test/fixedbugs/issue4879.go
 go117/test/fixedbugs/issue4909a.go
 go117/test/fixedbugs/issue4909b.go
+go117/test/fixedbugs/issue49122.go
+go117/test/fixedbugs/issue49249.go
 go117/test/fixedbugs/issue4932.dir/foo.go
 go117/test/fixedbugs/issue4932.dir/state.go
 go117/test/fixedbugs/issue4932.dir/state2.go
 go117/test/fixedbugs/issue4932.go
+go117/test/fixedbugs/issue49378.go
 go117/test/fixedbugs/issue4964.dir/a.go
 go117/test/fixedbugs/issue4964.dir/b.go
 go117/test/fixedbugs/issue4964.go

Index: pkgsrc/lang/go117/distinfo
diff -u pkgsrc/lang/go117/distinfo:1.10 pkgsrc/lang/go117/distinfo:1.11
--- pkgsrc/lang/go117/distinfo:1.10	Fri Nov  5 19:35:00 2021
+++ pkgsrc/lang/go117/distinfo	Thu Dec  9 17:25:56 2021
@@ -1,8 +1,8 @@
-$NetBSD: distinfo,v 1.10 2021/11/05 19:35:00 bsiegert Exp $
+$NetBSD: distinfo,v 1.11 2021/12/09 17:25:56 bsiegert Exp $
 
-BLAKE2s (go1.17.3.src.tar.gz) = 18b2f8031ebfd8fcc074c5d72239410d018fb8780ebbfa3b107812f175a9c3c0
-SHA512 (go1.17.3.src.tar.gz) = a2793efefe3f7e89054453cada03c25a900a4a6b71b2dfa0f5f33c1d8946711c983067dd54021faa5605074708db8e4225d104be703d307f3dbcc6035410acbd
-Size (go1.17.3.src.tar.gz) = 22183309 bytes
+BLAKE2s (go1.17.5.src.tar.gz) = 6b93a04ae6f017ffe52a7281e41227203310c56c1bc26028e5d5a4de673b702d
+SHA512 (go1.17.5.src.tar.gz) = 6c833455fe79476c29a0565ae3b5ede452abb75689d52cbaa524743549f6f12681b6b5035dc4048387bd738c15b7cd8bdc4c875d54232ca2343c7404a4326884
+Size (go1.17.5.src.tar.gz) = 22186577 bytes
 SHA1 (patch-misc_ios_clangwrap.sh) = 0a06403609cb7bce2e6f65444fd322f486761afe
 SHA1 (patch-src_cmd_dist_util.go) = 2d9c2f59e27672d56f5f1a0e3f9d5101a05546a7
 SHA1 (patch-src_crypto_x509_root__bsd.go) = 27636e0d8c121ccec6c46a3a82cd0e0469473a6e


--_----------=_163907075629130--