GNU bug report logs - #39348
[PATCH] gnu: go: Update to 1.12.16 [fixes CVE-2018-17075]

Previous Next

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 39348 in the body.
You can then email your comments to 39348 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Jakub Kądziołka <kuba <at> kadziolka.net>
To: guix-patches <at> gnu.org
Subject: [PATCH] gnu: go: Update to 1.12.16 [fixes CVE-2018-17075]
Date: Wed, 29 Jan 2020 22:21:01 +0100

* gnu/packages/golang.scm (go-1.12): Update to 1.12.16.
---
Tested by building `go' and `syncthing' (the latter being a prominent Go
package). Of course, both builds succeeded.
---
 gnu/packages/golang.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm
index a6b5f2a4cf..9102469749 100644
--- a/gnu/packages/golang.scm
+++ b/gnu/packages/golang.scm
@@ -220,7 +220,7 @@ in the style of communicating sequential processes (@dfn{CSP}).")
   (package
     (inherit go-1.4)
     (name "go")
-    (version "1.12.15")
+    (version "1.12.16")
     (source
      (origin
        (method url-fetch)
@@ -228,7 +228,7 @@ in the style of communicating sequential processes (@dfn{CSP}).")
                            name version ".src.tar.gz"))
        (sha256
         (base32
-         "1hw4xjywcl883dnvfbb92w85sy8n231fdri4aynj8xajgr0p9fla"))))
+         "1y0x10fsvgpc1x24b9q9y6kv9b0kwf7879am3p0gym2abgc5wvnf"))))
     (arguments
      (substitute-keyword-arguments (package-arguments go-1.4)
        ((#:phases phases)
-- 
2.25.0

Message #8 received at 39348 <at> debbugs.gnu.org (full text, mbox):

From: Leo Famulari <leo <at> famulari.name>
To: Jakub Kądziołka <kuba <at> kadziolka.net>
Cc: 39348 <at> debbugs.gnu.org
Subject: Re: [bug#39348] [PATCH] gnu: go: Update to 1.12.16 [fixes
 CVE-2018-17075]
Date: Wed, 29 Jan 2020 20:28:35 -0500

[Message part 1 (text/plain, inline)]

On Wed, Jan 29, 2020 at 10:21:01PM +0100, Jakub Kądziołka wrote:
> * gnu/packages/golang.scm (go-1.12): Update to 1.12.16.
> ---
> Tested by building `go' and `syncthing' (the latter being a prominent Go
> package). Of course, both builds succeeded.

Thanks for the patch and for describing how you tested it!

Pushed as 7037ffe11acd3988e1d9281923c99fc5d74afac2

[signature.asc (application/pgp-signature, inline)]

Message #13 received at 39348-done <at> debbugs.gnu.org (full text, mbox):

From: Jakub Kądziołka <kuba <at> kadziolka.net>
To: 39348-done <at> debbugs.gnu.org
Subject: [leo <at> famulari.name: Re: [bug#39348] [PATCH] gnu: go: Update to
 1.12.16 [fixes CVE-2018-17075]]
Date: Thu, 30 Jan 2020 19:30:19 +0100

----- Forwarded message from Leo Famulari <leo <at> famulari.name> -----

Date: Wed, 29 Jan 2020 20:28:35 -0500
From: Leo Famulari <leo <at> famulari.name>
To: Jakub Kądziołka <kuba <at> kadziolka.net>
Cc: 39348 <at> debbugs.gnu.org
Subject: Re: [bug#39348] [PATCH] gnu: go: Update to 1.12.16 [fixes
 CVE-2018-17075]

On Wed, Jan 29, 2020 at 10:21:01PM +0100, Jakub Kądziołka wrote:
> * gnu/packages/golang.scm (go-1.12): Update to 1.12.16.
> ---
> Tested by building `go' and `syncthing' (the latter being a prominent Go
> package). Of course, both builds succeeded.

Thanks for the patch and for describing how you tested it!

Pushed as 7037ffe11acd3988e1d9281923c99fc5d74afac2



----- End forwarded message -----

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.