Tue Jul 13 10:12:00 2021 UTC ()
Update go116 to 1.16.6.

This minor release includes a security fix according to the new security policy.

crypto/tls clients can panic when provided a certificate of the wrong type for
the negotiated parameters. net/http clients performing HTTPS requests are also
affected. The panic can be triggered by an attacker in a privileged network
position without access to the server certificate's private key, as long as a
trusted ECDSA or Ed25519 certificate for the server exists (or can be issued),
or the client is configured with Config.InsecureSkipVerify. Clients that
disable all TLS_RSA cipher suites (that is, TLS 1.0–1.2 cipher
suites without ECDHE), as well as TLS 1.3-only clients, are unaffected.

This is issue 47143 and CVE-2021-34558. Thanks to Imre Rad for reporting this
issue.


(bsiegert)
diff -r1.121 -r1.122 pkgsrc/lang/go/version.mk
diff -r1.5 -r1.6 pkgsrc/lang/go116/Makefile
diff -r1.6 -r1.7 pkgsrc/lang/go116/PLIST
diff -r1.8 -r1.9 pkgsrc/lang/go116/distinfo
cvs diff -r1.121 -r1.122 pkgsrc/lang/go/version.mk (expand / switch to unified diff)

--- pkgsrc/lang/go/version.mk 2021/07/13 10:05:08 1.121
+++ pkgsrc/lang/go/version.mk 2021/07/13 10:12:00 1.122
@@ -1,22 +1,22 @@ @@ -1,22 +1,22 @@
1# $NetBSD: version.mk,v 1.121 2021/07/13 10:05:08 bsiegert Exp $ 1# $NetBSD: version.mk,v 1.122 2021/07/13 10:12:00 bsiegert Exp $
2 2
3# 3#
4# If bsd.prefs.mk is included before go-package.mk in a package, then this 4# If bsd.prefs.mk is included before go-package.mk in a package, then this
5# file must be included directly in the package prior to bsd.prefs.mk. 5# file must be included directly in the package prior to bsd.prefs.mk.
6# 6#
7.include "go-vars.mk" 7.include "go-vars.mk"
8 8
9GO116_VERSION= 1.16.5 9GO116_VERSION= 1.16.6
10GO115_VERSION= 1.15.14 10GO115_VERSION= 1.15.14
11GO110_VERSION= 1.10.8 11GO110_VERSION= 1.10.8
12GO19_VERSION= 1.9.7 12GO19_VERSION= 1.9.7
13GO14_VERSION= 1.4.3 13GO14_VERSION= 1.4.3
14 14
15.include "../../mk/bsd.prefs.mk" 15.include "../../mk/bsd.prefs.mk"
16 16
17.if ${OPSYS} == "NetBSD" && ${OS_VERSION:M6.*} 17.if ${OPSYS} == "NetBSD" && ${OS_VERSION:M6.*}
18# 1.9 is the last Go version to support NetBSD 6 18# 1.9 is the last Go version to support NetBSD 6
19GO_VERSION_DEFAULT?= 19 19GO_VERSION_DEFAULT?= 19
20.elif ${OPSYS} == "Darwin" && ${OS_VERSION:R} < 14 20.elif ${OPSYS} == "Darwin" && ${OS_VERSION:R} < 14
21# go 1.11 removed support for osx 10.8 and 10.9 21# go 1.11 removed support for osx 10.8 and 10.9
22# https://github.com/golang/go/issues/23122 22# https://github.com/golang/go/issues/23122
cvs diff -r1.5 -r1.6 pkgsrc/lang/go116/Attic/Makefile (expand / switch to unified diff)

--- pkgsrc/lang/go116/Attic/Makefile 2021/05/24 19:52:33 1.5
+++ pkgsrc/lang/go116/Attic/Makefile 2021/07/13 10:12:00 1.6
@@ -1,16 +1,15 @@ @@ -1,16 +1,15 @@
1# $NetBSD: Makefile,v 1.5 2021/05/24 19:52:33 wiz Exp $ 1# $NetBSD: Makefile,v 1.6 2021/07/13 10:12:00 bsiegert Exp $
2 2
3PKGREVISION= 1 
4.include "../../lang/go/version.mk" 3.include "../../lang/go/version.mk"
5.include "../../lang/go/bootstrap.mk" 4.include "../../lang/go/bootstrap.mk"
6 5
7DISTNAME= go${GO116_VERSION:S/.beta/beta/}.src 6DISTNAME= go${GO116_VERSION:S/.beta/beta/}.src
8PKGNAME= go116-${GO116_VERSION} 7PKGNAME= go116-${GO116_VERSION}
9CATEGORIES= lang 8CATEGORIES= lang
10MASTER_SITES= https://storage.googleapis.com/golang/ 9MASTER_SITES= https://storage.googleapis.com/golang/
11 10
12MAINTAINER= bsiegert@NetBSD.org 11MAINTAINER= bsiegert@NetBSD.org
13HOMEPAGE= https://golang.org/ 12HOMEPAGE= https://golang.org/
14COMMENT= The Go programming language 13COMMENT= The Go programming language
15LICENSE= modified-bsd 14LICENSE= modified-bsd
16 15
cvs diff -r1.6 -r1.7 pkgsrc/lang/go116/Attic/PLIST (expand / switch to unified diff)

--- pkgsrc/lang/go116/Attic/PLIST 2021/06/05 12:40:07 1.6
+++ pkgsrc/lang/go116/Attic/PLIST 2021/07/13 10:12:00 1.7
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.6 2021/06/05 12:40:07 bsiegert Exp $ 1@comment $NetBSD: PLIST,v 1.7 2021/07/13 10:12:00 bsiegert Exp $
2bin/go${GOVERSSUFFIX} 2bin/go${GOVERSSUFFIX}
3bin/gofmt${GOVERSSUFFIX} 3bin/gofmt${GOVERSSUFFIX}
4go116/AUTHORS 4go116/AUTHORS
5go116/CONTRIBUTING.md 5go116/CONTRIBUTING.md
6go116/CONTRIBUTORS 6go116/CONTRIBUTORS
7go116/LICENSE 7go116/LICENSE
8go116/PATENTS 8go116/PATENTS
9go116/README.md 9go116/README.md
10go116/SECURITY.md 10go116/SECURITY.md
11go116/VERSION 11go116/VERSION
12go116/api/README 12go116/api/README
13go116/api/except.txt 13go116/api/except.txt
14go116/api/go1.1.txt 14go116/api/go1.1.txt
@@ -9184,26 +9184,29 @@ go116/test/fixedbugs/issue4529.go @@ -9184,26 +9184,29 @@ go116/test/fixedbugs/issue4529.go
9184go116/test/fixedbugs/issue4545.go 9184go116/test/fixedbugs/issue4545.go
9185go116/test/fixedbugs/issue4562.go 9185go116/test/fixedbugs/issue4562.go
9186go116/test/fixedbugs/issue4585.go 9186go116/test/fixedbugs/issue4585.go
9187go116/test/fixedbugs/issue4590.dir/pkg1.go 9187go116/test/fixedbugs/issue4590.dir/pkg1.go
9188go116/test/fixedbugs/issue4590.dir/pkg2.go 9188go116/test/fixedbugs/issue4590.dir/pkg2.go
9189go116/test/fixedbugs/issue4590.dir/prog.go 9189go116/test/fixedbugs/issue4590.dir/prog.go
9190go116/test/fixedbugs/issue4590.go 9190go116/test/fixedbugs/issue4590.go
9191go116/test/fixedbugs/issue4610.go 9191go116/test/fixedbugs/issue4610.go
9192go116/test/fixedbugs/issue4614.go 9192go116/test/fixedbugs/issue4614.go
9193go116/test/fixedbugs/issue4618.go 9193go116/test/fixedbugs/issue4618.go
9194go116/test/fixedbugs/issue4620.go 9194go116/test/fixedbugs/issue4620.go
9195go116/test/fixedbugs/issue4654.go 9195go116/test/fixedbugs/issue4654.go
9196go116/test/fixedbugs/issue4663.go 9196go116/test/fixedbugs/issue4663.go
 9197go116/test/fixedbugs/issue46653.dir/bad/bad.go
 9198go116/test/fixedbugs/issue46653.dir/main.go
 9199go116/test/fixedbugs/issue46653.go
9197go116/test/fixedbugs/issue4667.go 9200go116/test/fixedbugs/issue4667.go
9198go116/test/fixedbugs/issue4734.go 9201go116/test/fixedbugs/issue4734.go
9199go116/test/fixedbugs/issue4748.go 9202go116/test/fixedbugs/issue4748.go
9200go116/test/fixedbugs/issue4752.go 9203go116/test/fixedbugs/issue4752.go
9201go116/test/fixedbugs/issue4776.go 9204go116/test/fixedbugs/issue4776.go
9202go116/test/fixedbugs/issue4785.go 9205go116/test/fixedbugs/issue4785.go
9203go116/test/fixedbugs/issue4813.go 9206go116/test/fixedbugs/issue4813.go
9204go116/test/fixedbugs/issue4847.go 9207go116/test/fixedbugs/issue4847.go
9205go116/test/fixedbugs/issue4879.dir/a.go 9208go116/test/fixedbugs/issue4879.dir/a.go
9206go116/test/fixedbugs/issue4879.dir/b.go 9209go116/test/fixedbugs/issue4879.dir/b.go
9207go116/test/fixedbugs/issue4879.go 9210go116/test/fixedbugs/issue4879.go
9208go116/test/fixedbugs/issue4909a.go 9211go116/test/fixedbugs/issue4909a.go
9209go116/test/fixedbugs/issue4909b.go 9212go116/test/fixedbugs/issue4909b.go
cvs diff -r1.8 -r1.9 pkgsrc/lang/go116/Attic/distinfo (expand / switch to unified diff)

--- pkgsrc/lang/go116/Attic/distinfo 2021/06/05 12:40:07 1.8
+++ pkgsrc/lang/go116/Attic/distinfo 2021/07/13 10:12:00 1.9
@@ -1,11 +1,11 @@ @@ -1,11 +1,11 @@
1$NetBSD: distinfo,v 1.8 2021/06/05 12:40:07 bsiegert Exp $ 1$NetBSD: distinfo,v 1.9 2021/07/13 10:12:00 bsiegert Exp $
2 2
3SHA1 (go1.16.5.src.tar.gz) = b3d00525ea5af180149fafca8da730c6f988f29f 3SHA1 (go1.16.6.src.tar.gz) = 047772552a78bb6d20682425e38d43dc4d94ad3f
4RMD160 (go1.16.5.src.tar.gz) = dfbe9538c56f60215d699b611aac1db182751e5c 4RMD160 (go1.16.6.src.tar.gz) = 9e8e85819c17977d8b4ffbe6afe8fa00d2946269
5SHA512 (go1.16.5.src.tar.gz) = ba90ce1f3faa39519eb5437009c4b710b493e42764a14b0821292a8a17b714fe5985ef20e6e3c340f71cb521ff63d45a23570d38fd752526a1262448c641d544 5SHA512 (go1.16.6.src.tar.gz) = 82634763dce636c9e9cba1bbf74a669e8b88e6df095e80672f295edb82cc1fc4b8ffde91a1f56c3470f2c4d9ee0404f65146d7478b645890623f6c463513a61f
6Size (go1.16.5.src.tar.gz) = 20921372 bytes 6Size (go1.16.6.src.tar.gz) = 20923044 bytes
7SHA1 (patch-misc_ios_clangwrap.sh) = 0a06403609cb7bce2e6f65444fd322f486761afe 7SHA1 (patch-misc_ios_clangwrap.sh) = 0a06403609cb7bce2e6f65444fd322f486761afe
8SHA1 (patch-src_cmd_dist_util.go) = 24e6f1b6ded842a8ce322a40e8766f7d344bc47e 8SHA1 (patch-src_cmd_dist_util.go) = 24e6f1b6ded842a8ce322a40e8766f7d344bc47e
9SHA1 (patch-src_crypto_x509_root__bsd.go) = 27636e0d8c121ccec6c46a3a82cd0e0469473a6e 9SHA1 (patch-src_crypto_x509_root__bsd.go) = 27636e0d8c121ccec6c46a3a82cd0e0469473a6e
10SHA1 (patch-src_crypto_x509_root__solaris.go) = cce8d78a5a3712a0e7a620ead232a779e4a4b21e 10SHA1 (patch-src_crypto_x509_root__solaris.go) = cce8d78a5a3712a0e7a620ead232a779e4a4b21e
11SHA1 (patch-src_syscall_zsysnum__solaris__amd64.go) = ec28a0fa37ba9599ec1651c8e9337a2efc48a26b 11SHA1 (patch-src_syscall_zsysnum__solaris__amd64.go) = ec28a0fa37ba9599ec1651c8e9337a2efc48a26b