GNU bug report logs - #54568
Update to Go 1.17.8, Go 1.16.15

Previous Next

Package: guix-patches;

Reported by: Pier-Hugues Pellerin <ph <at> heykimo.com>

Date: Fri, 25 Mar 2022 19:22:02 UTC

Severity: normal

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

Full log

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Pier-Hugues Pellerin <ph <at> heykimo.com>
To: guix-patches <at> gnu.org
Subject: Update to Go 1.17.8, Go 1.16.15
Date: Fri, 25 Mar 2022 15:19:07 -0400

[Message part 1 (text/plain, inline)]
Hello,

This patch updates Go 1.16 and 1.17 to their latest patch and fixes a
security issue with the regexp/syntax package. I've looked at the current
patch and I haven't found one for Go.

This is my first contribution to guix and this process is new to me.

I've made the changes in a single patch, because it covers the same CVE, if
you prefer I can split them.

Also, I've looked to add support for go 1.18 based on the 1.17 package
definition,  at work I've had a few hiccups when upgrading to this new
version. What would be the way to test that packages depending on go (or
go-build-system) would still build with it ?

Thanks

-- 
ph,
http://heykimo.com

[Message part 2 (text/html, inline)]
[0001-Update-to-Go-1.17.8-Go-1.16.15.patch (text/x-patch, attachment)]
This bug report was last modified 3 years and 52 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.