Mon Mar 7 08:44:52 2022 UTC ()
Update go117 to 1.17.8 (security).

This minor release includes a security fix following the security policy:

regexp: stack exhaustion compiling deeply nested expressions

On 64-bit platforms, an extremely deeply nested expression can cause
regexp.Compile to cause goroutine stack exhaustion, forcing the program to
exit. Note this applies to very large expressions, on the order of 2MB.

Thanks to Juho Nurminen of Mattermost for reporting this.

This is CVE-2022-24921 and https://go.dev/issue/51112.


(bsiegert)
diff -r1.142 -r1.143 pkgsrc/lang/go/version.mk
diff -r1.6 -r1.7 pkgsrc/lang/go117/PLIST
diff -r1.13 -r1.14 pkgsrc/lang/go117/distinfo
cvs diff -r1.142 -r1.143 pkgsrc/lang/go/version.mk (expand / switch to unified diff)

--- pkgsrc/lang/go/version.mk 2022/03/06 09:53:43 1.142
+++ pkgsrc/lang/go/version.mk 2022/03/07 08:44:52 1.143
@@ -1,22 +1,22 @@ @@ -1,22 +1,22 @@
1# $NetBSD: version.mk,v 1.142 2022/03/06 09:53:43 bsiegert Exp $ 1# $NetBSD: version.mk,v 1.143 2022/03/07 08:44:52 bsiegert Exp $
2 2
3# 3#
4# If bsd.prefs.mk is included before go-package.mk in a package, then this 4# If bsd.prefs.mk is included before go-package.mk in a package, then this
5# file must be included directly in the package prior to bsd.prefs.mk. 5# file must be included directly in the package prior to bsd.prefs.mk.
6# 6#
7.include "go-vars.mk" 7.include "go-vars.mk"
8 8
9GO117_VERSION= 1.17.7 9GO117_VERSION= 1.17.8
10GO116_VERSION= 1.16.15 10GO116_VERSION= 1.16.15
11GO110_VERSION= 1.10.8 11GO110_VERSION= 1.10.8
12GO19_VERSION= 1.9.7 12GO19_VERSION= 1.9.7
13GO14_VERSION= 1.4.3 13GO14_VERSION= 1.4.3
14 14
15.include "../../mk/bsd.prefs.mk" 15.include "../../mk/bsd.prefs.mk"
16 16
17.if ${OPSYS} == "NetBSD" && ${OPSYS_VERSION} < 070000 17.if ${OPSYS} == "NetBSD" && ${OPSYS_VERSION} < 070000
18# 1.9 is the last Go version to support NetBSD 6 18# 1.9 is the last Go version to support NetBSD 6
19GO_VERSION_DEFAULT?= 19 19GO_VERSION_DEFAULT?= 19
20.elif ${OPSYS} == "Darwin" && ${OPSYS_VERSION} < 101000 20.elif ${OPSYS} == "Darwin" && ${OPSYS_VERSION} < 101000
21# go 1.11 removed support for osx 10.8 and 10.9 21# go 1.11 removed support for osx 10.8 and 10.9
22# https://github.com/golang/go/issues/23122 22# https://github.com/golang/go/issues/23122
cvs diff -r1.6 -r1.7 pkgsrc/lang/go117/Attic/PLIST (expand / switch to unified diff)

--- pkgsrc/lang/go117/Attic/PLIST 2022/02/12 20:14:01 1.6
+++ pkgsrc/lang/go117/Attic/PLIST 2022/03/07 08:44:52 1.7
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1@comment $NetBSD: PLIST,v 1.6 2022/02/12 20:14:01 bsiegert Exp $ 1@comment $NetBSD: PLIST,v 1.7 2022/03/07 08:44:52 bsiegert Exp $
2bin/go${GOVERSSUFFIX} 2bin/go${GOVERSSUFFIX}
3bin/gofmt${GOVERSSUFFIX} 3bin/gofmt${GOVERSSUFFIX}
4go117/AUTHORS 4go117/AUTHORS
5go117/CONTRIBUTING.md 5go117/CONTRIBUTING.md
6go117/CONTRIBUTORS 6go117/CONTRIBUTORS
7go117/LICENSE 7go117/LICENSE
8go117/PATENTS 8go117/PATENTS
9go117/README.md 9go117/README.md
10go117/SECURITY.md 10go117/SECURITY.md
11go117/VERSION 11go117/VERSION
12go117/api/README 12go117/api/README
13go117/api/except.txt 13go117/api/except.txt
14go117/api/go1.1.txt 14go117/api/go1.1.txt
@@ -4227,26 +4227,27 @@ go117/src/crypto/tls/testdata/Server-TLS @@ -4227,26 +4227,27 @@ go117/src/crypto/tls/testdata/Server-TLS
4227go117/src/crypto/tls/testdata/example-cert.pem 4227go117/src/crypto/tls/testdata/example-cert.pem
4228go117/src/crypto/tls/testdata/example-key.pem 4228go117/src/crypto/tls/testdata/example-key.pem
4229go117/src/crypto/tls/ticket.go 4229go117/src/crypto/tls/ticket.go
4230go117/src/crypto/tls/tls.go 4230go117/src/crypto/tls/tls.go
4231go117/src/crypto/tls/tls_test.go 4231go117/src/crypto/tls/tls_test.go
4232go117/src/crypto/x509/cert_pool.go 4232go117/src/crypto/x509/cert_pool.go
4233go117/src/crypto/x509/example_test.go 4233go117/src/crypto/x509/example_test.go
4234go117/src/crypto/x509/internal/macos/corefoundation.go 4234go117/src/crypto/x509/internal/macos/corefoundation.go
4235go117/src/crypto/x509/internal/macos/corefoundation.s 4235go117/src/crypto/x509/internal/macos/corefoundation.s
4236go117/src/crypto/x509/internal/macos/security.go 4236go117/src/crypto/x509/internal/macos/security.go
4237go117/src/crypto/x509/internal/macos/security.s 4237go117/src/crypto/x509/internal/macos/security.s
4238go117/src/crypto/x509/name_constraints_test.go 4238go117/src/crypto/x509/name_constraints_test.go
4239go117/src/crypto/x509/parser.go 4239go117/src/crypto/x509/parser.go
 4240go117/src/crypto/x509/parser_test.go
4240go117/src/crypto/x509/pem_decrypt.go 4241go117/src/crypto/x509/pem_decrypt.go
4241go117/src/crypto/x509/pem_decrypt_test.go 4242go117/src/crypto/x509/pem_decrypt_test.go
4242go117/src/crypto/x509/pkcs1.go 4243go117/src/crypto/x509/pkcs1.go
4243go117/src/crypto/x509/pkcs8.go 4244go117/src/crypto/x509/pkcs8.go
4244go117/src/crypto/x509/pkcs8_test.go 4245go117/src/crypto/x509/pkcs8_test.go
4245go117/src/crypto/x509/pkix/pkix.go 4246go117/src/crypto/x509/pkix/pkix.go
4246go117/src/crypto/x509/root.go 4247go117/src/crypto/x509/root.go
4247go117/src/crypto/x509/root_aix.go 4248go117/src/crypto/x509/root_aix.go
4248go117/src/crypto/x509/root_bsd.go 4249go117/src/crypto/x509/root_bsd.go
4249go117/src/crypto/x509/root_darwin.go 4250go117/src/crypto/x509/root_darwin.go
4250go117/src/crypto/x509/root_darwin_test.go 4251go117/src/crypto/x509/root_darwin_test.go
4251go117/src/crypto/x509/root_ios.go 4252go117/src/crypto/x509/root_ios.go
4252go117/src/crypto/x509/root_ios_gen.go 4253go117/src/crypto/x509/root_ios_gen.go
@@ -10033,26 +10034,27 @@ go117/test/fixedbugs/issue4932.dir/state @@ -10033,26 +10034,27 @@ go117/test/fixedbugs/issue4932.dir/state
10033go117/test/fixedbugs/issue4932.go 10034go117/test/fixedbugs/issue4932.go
10034go117/test/fixedbugs/issue49378.go 10035go117/test/fixedbugs/issue49378.go
10035go117/test/fixedbugs/issue4964.dir/a.go 10036go117/test/fixedbugs/issue4964.dir/a.go
10036go117/test/fixedbugs/issue4964.dir/b.go 10037go117/test/fixedbugs/issue4964.dir/b.go
10037go117/test/fixedbugs/issue4964.go 10038go117/test/fixedbugs/issue4964.go
10038go117/test/fixedbugs/issue5002.go 10039go117/test/fixedbugs/issue5002.go
10039go117/test/fixedbugs/issue5056.go 10040go117/test/fixedbugs/issue5056.go
10040go117/test/fixedbugs/issue50671.go 10041go117/test/fixedbugs/issue50671.go
10041go117/test/fixedbugs/issue50854.go 10042go117/test/fixedbugs/issue50854.go
10042go117/test/fixedbugs/issue5089.go 10043go117/test/fixedbugs/issue5089.go
10043go117/test/fixedbugs/issue5105.dir/a.go 10044go117/test/fixedbugs/issue5105.dir/a.go
10044go117/test/fixedbugs/issue5105.dir/b.go 10045go117/test/fixedbugs/issue5105.dir/b.go
10045go117/test/fixedbugs/issue5105.go 10046go117/test/fixedbugs/issue5105.go
 10047go117/test/fixedbugs/issue51101.go
10046go117/test/fixedbugs/issue5125.dir/bug.go 10048go117/test/fixedbugs/issue5125.dir/bug.go
10047go117/test/fixedbugs/issue5125.dir/main.go 10049go117/test/fixedbugs/issue5125.dir/main.go
10048go117/test/fixedbugs/issue5125.go 10050go117/test/fixedbugs/issue5125.go
10049go117/test/fixedbugs/issue5162.go 10051go117/test/fixedbugs/issue5162.go
10050go117/test/fixedbugs/issue5172.go 10052go117/test/fixedbugs/issue5172.go
10051go117/test/fixedbugs/issue5231.go 10053go117/test/fixedbugs/issue5231.go
10052go117/test/fixedbugs/issue5244.go 10054go117/test/fixedbugs/issue5244.go
10053go117/test/fixedbugs/issue5259.dir/bug.go 10055go117/test/fixedbugs/issue5259.dir/bug.go
10054go117/test/fixedbugs/issue5259.dir/main.go 10056go117/test/fixedbugs/issue5259.dir/main.go
10055go117/test/fixedbugs/issue5259.go 10057go117/test/fixedbugs/issue5259.go
10056go117/test/fixedbugs/issue5260.dir/a.go 10058go117/test/fixedbugs/issue5260.dir/a.go
10057go117/test/fixedbugs/issue5260.dir/b.go 10059go117/test/fixedbugs/issue5260.dir/b.go
10058go117/test/fixedbugs/issue5260.go 10060go117/test/fixedbugs/issue5260.go
cvs diff -r1.13 -r1.14 pkgsrc/lang/go117/Attic/distinfo (expand / switch to unified diff)

--- pkgsrc/lang/go117/Attic/distinfo 2022/02/12 20:14:01 1.13
+++ pkgsrc/lang/go117/Attic/distinfo 2022/03/07 08:44:52 1.14
@@ -1,10 +1,10 @@ @@ -1,10 +1,10 @@
1$NetBSD: distinfo,v 1.13 2022/02/12 20:14:01 bsiegert Exp $ 1$NetBSD: distinfo,v 1.14 2022/03/07 08:44:52 bsiegert Exp $
2 2
3BLAKE2s (go1.17.7.src.tar.gz) = 8f04f9f8153f9a0dbd75898a49a9d1298b84a73d486460706a75ba81f9970dac 3BLAKE2s (go1.17.8.src.tar.gz) = c974cde147bb2bd4e149b6d06f253be12ae6e4838170957c0a17c94cedaf6830
4SHA512 (go1.17.7.src.tar.gz) = ee20a97d19e501ee2c11930548bcacfa8b1e8499bbae15659231548f4b03c13bc92bb20c4ce879f0956c02268e748c73ba56d8b140ce8f134501c33cc8b58d3c 4SHA512 (go1.17.8.src.tar.gz) = 21d5c51ce62bc3b987dd5bf7c6b7e1a934fe40582bfbbe99ca80c26d41253e796a4b9d02c571f1e5ab3fd7c3950175e23b9929b0d934f421c96a6d6128c44668
5Size (go1.17.7.src.tar.gz) = 22195583 bytes 5Size (go1.17.8.src.tar.gz) = 22199282 bytes
6SHA1 (patch-misc_ios_clangwrap.sh) = 0a06403609cb7bce2e6f65444fd322f486761afe 6SHA1 (patch-misc_ios_clangwrap.sh) = 0a06403609cb7bce2e6f65444fd322f486761afe
7SHA1 (patch-src_cmd_dist_util.go) = 2d9c2f59e27672d56f5f1a0e3f9d5101a05546a7 7SHA1 (patch-src_cmd_dist_util.go) = 2d9c2f59e27672d56f5f1a0e3f9d5101a05546a7
8SHA1 (patch-src_crypto_x509_root__bsd.go) = 27636e0d8c121ccec6c46a3a82cd0e0469473a6e 8SHA1 (patch-src_crypto_x509_root__bsd.go) = 27636e0d8c121ccec6c46a3a82cd0e0469473a6e
9SHA1 (patch-src_crypto_x509_root__solaris.go) = cce8d78a5a3712a0e7a620ead232a779e4a4b21e 9SHA1 (patch-src_crypto_x509_root__solaris.go) = cce8d78a5a3712a0e7a620ead232a779e4a4b21e
10SHA1 (patch-src_syscall_zsysnum__solaris__amd64.go) = ec28a0fa37ba9599ec1651c8e9337a2efc48a26b 10SHA1 (patch-src_syscall_zsysnum__solaris__amd64.go) = ec28a0fa37ba9599ec1651c8e9337a2efc48a26b