Golang updates are submitted in bodhi and pushed to the build root-override.
https://bodhi.fedoraproject.org/updates/FEDORA-2016-2940ad5550 https://bodhi.fedoraproject.org/updates/FEDORA-2016-2fcfc7670f https://bodhi.fedoraproject.org/updates/FEDORA-2016-59c5e405e3 Please test and provide karma :). Please proceed to rebuild your packages(on all active Fedora branches, i.e. rawhide,f24,f23,f22). From upstream CVE summary: "...Programs using HTTPS client certificates or the Go SSH server libraries are both exposed to this vulnerability..." ----- Original Message ----- > From: "Jakub Cajka" <jca...@redhat.com> > To: "Vincent Batts" <vba...@redhat.com>, "Lokesh Mandvekar" > <l...@redhat.com>, "Jan Chaloupka" <jchal...@redhat.com>, > maxamill...@gmail.com > Cc: golang@lists.fedoraproject.org > Sent: Friday, April 8, 2016 4:15:46 PM > Subject: Fwd: feedback requested: [security] Go 1.5.4 and Go 1.6.1 > > > I'm planning on landing it in Fedora(all branches) ASAP as they go out. > Please prepare to do rebuild of all your packages that might be affected by > the CVEs in golang stdlib. > > Jakub > > ----- Forwarded Message ----- > > From: "Andrew Gerrand" <a...@golang.org> > > To: "golang-nuts" <golang-n...@googlegroups.com> > > Sent: Friday, April 8, 2016 2:22:02 AM > > Subject: Fwd: feedback requested: [security] Go 1.5.4 and Go 1.6.1 > > > > We plan to issue Go 1.5.4 and Go 1.6,1 on Wednesday April 13 at > > approximately 2am UTC. > > These are minor releases to fix two security issues. > > > > Following our policy at https://golang.org/security, this is the > > pre-announcement of those releases. > > > > They will be followed by a more significant 1.6.2 point release that will > > fix a number of issues > > <https://github.com/golang/go/issues?utf8=%E2%9C%93&q=milestone%3AGo1.6.2>. > > > > Cheers, > > Andrew, on behalf of the Go team > > > > -- > > You received this message because you are subscribed to the Google Groups > > "golang-announce" group. > > To unsubscribe from this group and stop receiving emails from it, send an > > email to golang-announce+unsubscr...@googlegroups.com. > > For more options, visit https://groups.google.com/d/optout. > > > _______________________________________________ > golang mailing list > golang@lists.fedoraproject.org > http://lists.fedoraproject.org/admin/lists/golang@lists.fedoraproject.org > _______________________________________________ golang mailing list golang@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/golang@lists.fedoraproject.org
