Includes fixes for security vulnerabilities:
* [CVE-2022-27664](https://github.com/advisories/GHSA-69cg-p879-7622) net/http: handle server errors after sending GOAWAY
* [CVE-2022-32190](https://github.com/golang/go/issues/54385) net/url: JoinPath does not strip relative path components in all circumstances
* [CVE-2022-2879](https://github.com/golang/go/issues/54853) archive/tar: unbounded memory consumption when reading headers
* [CVE-2022-2880](https://github.com/golang/go/issues/54663) net/http/httputil: ReverseProxy should not forward unparseable query parameters
* [CVE-2022-41715](https://github.com/golang/go/issues/55949) regexp/syntax: limit memory used by parsing regexps
Addresses the build failure:
* https://github.com/openwrt/packages/pull/19613
Signed-off-by: Stanislav Petrashov <s@petrashov.ru>
(cherry picked from commit
0ad7a2fe1841a46107b88026a3b95b54571afb88)
include $(TOPDIR)/rules.mk
-GO_VERSION_MAJOR_MINOR:=1.18
-GO_VERSION_PATCH:=8
+GO_VERSION_MAJOR_MINOR:=1.19
+GO_VERSION_PATCH:=2
PKG_NAME:=golang
PKG_VERSION:=$(GO_VERSION_MAJOR_MINOR)$(if $(GO_VERSION_PATCH),.$(GO_VERSION_PATCH))
PKG_SOURCE:=go$(PKG_VERSION).src.tar.gz
PKG_SOURCE_URL:=$(GO_SOURCE_URLS)
-PKG_HASH:=1f79802305015479e77d8c641530bc54ec994657d5c5271e0172eb7118346a12
+PKG_HASH:=2ce930d70a931de660fdaf271d70192793b1b240272645bf0275779f6704df6b
PKG_MAINTAINER:=Jeffery To <jeffery.to@gmail.com>
PKG_LICENSE:=BSD-3-Clause
--- a/src/cmd/link/internal/ld/lib.go
+++ b/src/cmd/link/internal/ld/lib.go
-@@ -1392,25 +1392,20 @@ func (ctxt *Link) hostlink() {
+@@ -1502,25 +1502,20 @@ func (ctxt *Link) hostlink() {
}
if ctxt.Arch.InFamily(sys.ARM, sys.ARM64) && buildcfg.GOOS == "linux" {
projects / feed / packages.git / commitdiff