D'oh! This is a known issue. (I should have checked before posting my original message). https://github.com/golang/go/issues/52317
So if you are an OSX user, then either download for source Or keep using 1.18 until https://github.com/golang/go/issues/52317 is resolved. On Wednesday, 13 April 2022 at 07:04:19 UTC+1 Amnon wrote: > Thank for the new release... > > I may be looking in the wrong place, but the darwin binaries for 1.18.1 > appear to be missing. > > https://go.dev/doc/install when installing on a mac shows an installer > button labeled "Download Go for Mac" > which links to https://go.dev/dl/undefined which gives a 404 error. > > % go install golang.org/dl/go1.18.1@latest > % go1.18.1 download > fails with > go1.18.1: download failed: no binary release of go1.18.1 for darwin/amd64 > at https://dl.google.com/go/go1.18.1.darwin-amd64.tar.gz > > Downloading from source, and running all.bash works fine. > > Thanks, > Amnon > > > > On Wednesday, 13 April 2022 at 02:01:53 UTC+1 dmit...@golang.org wrote: > >> Hello gophers, >> >> We have just released Go versions 1.18.1 and 1.17.9, minor point releases. >> >> These minor releases include three security fixes following the security >> policy: >> >> - encoding/pem: fix stack overflow in Decode >> >> A large (more than 5 MB) PEM input can cause a stack overflow in >> Decode, leading the program to crash. >> >> Thanks to Juho Nurminen of Mattermost who reported the error. >> >> This is CVE-2022-24675 and https://go.dev/issue/51853. >> >> >> - crypto/elliptic: tolerate all oversized scalars in generic P-256 >> >> A crafted scalar input longer than 32 bytes can cause >> P256().ScalarMult or P256().ScalarBaseMult to panic. Indirect uses >> through >> crypto/ecdsa and crypto/tls are unaffected. amd64, arm64, ppc64le, and >> s390x are unaffected. >> >> This was discovered thanks to a Project Wycheproof test vector. >> >> This is CVE-2022-28327 and https://go.dev/issue/52075. >> >> >> - crypto/x509: non-compliant certificates can cause a panic in Verify >> on macOS in Go 1.18 >> >> Verifying certificate chains containing certificates which are not >> compliant with RFC 5280 causes Certificate.Verify to panic on macOS. >> >> These chains can be delivered through TLS and can cause a crypto/tls >> or net/http client to crash. >> >> Thanks to Tailscale for doing weird things and finding this. >> >> This is CVE-2022-27536 and https://go.dev/issue/51759. >> >> >> View the release notes for more information: >> https://go.dev/doc/devel/release#go1.18.minor >> >> You can download binary and source distributions from the Go web site: >> https://go.dev/dl/ >> >> macOS binary artifacts for Go 1.18.1 are not available at this time due >> to an issue <https://go.dev/issue/52317>. >> We are working on providing them as soon as possible. Sorry for the >> inconvenience. >> >> To compile from source using a Git clone, update to the release with >> "git checkout go1.18.1" and build as usual. >> >> Thanks to everyone who contributed to the releases. >> >> Cheers, >> Dmitri and Cherry for the Go team >> > -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/90d82684-9661-4dec-8aad-2651dcd0abb2n%40googlegroups.com.
