| Message ID | 1607910781-88071-1-git-send-email-khairul.rohaizzat.jamaluddin@intel.com |
|---|---|
| State | New |
| Headers | show |
diff --git a/meta/recipes-devtools/go/go-1.15.inc b/meta/recipes-devtools/go/go-1.15.inc index 97d748b..c5e3fe0 100644 --- a/meta/recipes-devtools/go/go-1.15.inc +++ b/meta/recipes-devtools/go/go-1.15.inc @@ -1,7 +1,7 @@ require go-common.inc GO_BASEVERSION = "1.15" -GO_MINOR = ".2" +GO_MINOR = ".6" PV .= "${GO_MINOR}" FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" @@ -17,4 +17,4 @@ SRC_URI += "\ file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ " -SRC_URI[main.sha256sum] = "28bf9d0bcde251011caae230a4a05d917b172ea203f2a62f2c2f9533589d4b4d" +SRC_URI[main.sha256sum] = "890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817"
Hi Khairul On Mon, 2020-12-14 at 09:53 +0800, Jamaluddin, Khairul Rohaizzat wrote: > From: Khairul Rohaizzat Jamaluddin < > khairul.rohaizzat.jamaluddin@intel.com> > > update minor version to 1.15.6 > > go-1.15.3 includes fixes to cgo, the compiler, runtime, the go > command, and the bytes, plugin, and testing packages. > go-1.15.4 includes fixes to cgo, the compiler, linker, runtime, and > the compress/flate, net/http, reflect, and time packages. > go-1.15.5 includes security fixes to the go command and the math/big > package. master has 1.15.5 so I would like to cherry-pick those updates from master instead. > go-1.15.6 includes fixes to the compiler, linker, runtime, the go > command, and the io package. I will cherry-pick 1.15.6 update that you've sent for master once that is merged there. Thanks, Anuj > > References: > https://nvd.nist.gov/vuln/detail/CVE-2020-28362 > https://nvd.nist.gov/vuln/detail/CVE-2020-28366 > https://nvd.nist.gov/vuln/detail/CVE-2020-28367 > https://golang.org/doc/devel/release.html#go1.15.minor > > Updates includes fix for: > CVE-2020-28362 > CVE-2020-28366 > CVE-2020-28367 > > Signed-off-by: Khairul Rohaizzat Jamaluddin < > khairul.rohaizzat.jamaluddin@intel.com> > --- > meta/recipes-devtools/go/go-1.15.inc | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/meta/recipes-devtools/go/go-1.15.inc b/meta/recipes- > devtools/go/go-1.15.inc > index 97d748b..c5e3fe0 100644 > --- a/meta/recipes-devtools/go/go-1.15.inc > +++ b/meta/recipes-devtools/go/go-1.15.inc > @@ -1,7 +1,7 @@ > require go-common.inc > > GO_BASEVERSION = "1.15" > -GO_MINOR = ".2" > +GO_MINOR = ".6" > PV .= "${GO_MINOR}" > FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" > > @@ -17,4 +17,4 @@ SRC_URI += "\ > file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ > file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ > " > -SRC_URI[main.sha256sum] = > "28bf9d0bcde251011caae230a4a05d917b172ea203f2a62f2c2f9533589d4b4d" > +SRC_URI[main.sha256sum] = > "890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817" > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#145523): https://lists.openembedded.org/g/openembedded-core/message/145523 Mute This Topic: https://lists.openembedded.org/mt/78942223/1003190 Group Owner: openembedded-core+owner@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [mhalstead@linuxfoundation.org] -=-=-=-=-=-=-=-=-=-=-=-
Hi Anuj, Duly noted. Please do proceed as needed. Thank you & Kind regards, Khairul -----Original Message----- From: Mittal, Anuj <anuj.mittal@intel.com> Sent: Monday, December 14, 2020 12:15 PM To: openembedded-core@lists.openembedded.org; Jamaluddin, Khairul Rohaizzat <khairul.rohaizzat.jamaluddin@intel.com> Subject: Re: [OE-core] [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6 Hi Khairul On Mon, 2020-12-14 at 09:53 +0800, Jamaluddin, Khairul Rohaizzat wrote: > From: Khairul Rohaizzat Jamaluddin < > khairul.rohaizzat.jamaluddin@intel.com> > > update minor version to 1.15.6 > > go-1.15.3 includes fixes to cgo, the compiler, runtime, the go > command, and the bytes, plugin, and testing packages. > go-1.15.4 includes fixes to cgo, the compiler, linker, runtime, and > the compress/flate, net/http, reflect, and time packages. > go-1.15.5 includes security fixes to the go command and the math/big > package. master has 1.15.5 so I would like to cherry-pick those updates from master instead. > go-1.15.6 includes fixes to the compiler, linker, runtime, the go > command, and the io package. I will cherry-pick 1.15.6 update that you've sent for master once that is merged there. Thanks, Anuj > > References: > https://nvd.nist.gov/vuln/detail/CVE-2020-28362 > https://nvd.nist.gov/vuln/detail/CVE-2020-28366 > https://nvd.nist.gov/vuln/detail/CVE-2020-28367 > https://golang.org/doc/devel/release.html#go1.15.minor > > Updates includes fix for: > CVE-2020-28362 > CVE-2020-28366 > CVE-2020-28367 > > Signed-off-by: Khairul Rohaizzat Jamaluddin < > khairul.rohaizzat.jamaluddin@intel.com> > --- > meta/recipes-devtools/go/go-1.15.inc | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/meta/recipes-devtools/go/go-1.15.inc b/meta/recipes- > devtools/go/go-1.15.inc index 97d748b..c5e3fe0 100644 > --- a/meta/recipes-devtools/go/go-1.15.inc > +++ b/meta/recipes-devtools/go/go-1.15.inc > @@ -1,7 +1,7 @@ > require go-common.inc > > GO_BASEVERSION = "1.15" > -GO_MINOR = ".2" > +GO_MINOR = ".6" > PV .= "${GO_MINOR}" > FILESEXTRAPATHS_prepend := "${FILE_DIRNAME}/go-${GO_BASEVERSION}:" > > @@ -17,4 +17,4 @@ SRC_URI += "\ > file://0007-cmd-go-make-GOROOT-precious-by-default.patch \ > file://0008-use-GOBUILDMODE-to-set-buildmode.patch \ " > -SRC_URI[main.sha256sum] = > "28bf9d0bcde251011caae230a4a05d917b172ea203f2a62f2c2f9533589d4b4d" > +SRC_URI[main.sha256sum] = > "890bba73c5e2b19ffb1180e385ea225059eb008eb91b694875dd86ea48675817" > > > -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#145528): https://lists.openembedded.org/g/openembedded-core/message/145528 Mute This Topic: https://lists.openembedded.org/mt/78942223/1003190 Group Owner: openembedded-core+owner@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [mhalstead@linuxfoundation.org] -=-=-=-=-=-=-=-=-=-=-=-
Hi Raj, Duly noted. The update to master have been submitted, waiting for review. Anuj will be cherry picking the updates for gatesgarth with his submission afterward. Apologies for the little confusion.. Thank you & Kind regards, Khairul From: Khem Raj <raj.khem@gmail.com> Sent: Monday, December 14, 2020 11:37 AM To: Jamaluddin, Khairul Rohaizzat <khairul.rohaizzat.jamaluddin@intel.com> Cc: openembedded-core@lists.openembedded.org Subject: Re: [OE-core] [PATCH][gatesgarth] go: 1.15.2 -> 1.15.6 Can you first update it on master and then do needed backport ? On Sun, Dec 13, 2020 at 5:53 PM Jamaluddin, Khairul Rohaizzat <khairul.rohaizzat.jamaluddin@intel.com<mailto:khairul.rohaizzat.jamaluddin@intel.com>> wrote: From: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com<mailto:khairul.rohaizzat.jamaluddin@intel.com>> update minor version to 1.15.6 go-1.15.3 includes fixes to cgo, the compiler, runtime, the go command, and the bytes, plugin, and testing packages. go-1.15.4 includes fixes to cgo, the compiler, linker, runtime, and the compress/flate, net/http, reflect, and time packages. go-1.15.5 includes security fixes to the go command and the math/big package. go-1.15.6 includes fixes to the compiler, linker, runtime, the go command, and the io package. References: https://nvd.nist.gov/vuln/detail/CVE-2020-28362 https://nvd.nist.gov/vuln/detail/CVE-2020-28366 https://nvd.nist.gov/vuln/detail/CVE-2020-28367 https://golang.org/doc/devel/release.html#go1.15.minor Updates includes fix for: CVE-2020-28362 CVE-2020-28366 CVE-2020-28367 Signed-off-by: Khairul Rohaizzat Jamaluddin <khairul.rohaizzat.jamaluddin@intel.com<mailto:khairul.rohaizzat.jamaluddin@intel.com>> --- meta/recipes-devtools/go/go-1.15.inc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) -- 2.7.4 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#145529): https://lists.openembedded.org/g/openembedded-core/message/145529 Mute This Topic: https://lists.openembedded.org/mt/78942223/3616849 Group Owner: openembedded-core+owner@lists.openembedded.org Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [michael@yoctoproject.org] -=-=-=-=-=-=-=-=-=-=-=-