On 22-06-12 11:07:49, Daniel Jakots wrote: > Hi, > > Now that visa's patch [1] is in, I'm sending this update as make test > passes on amd64. > > > go1.18.3 (released 2022-06-01) includes security fixes to the > > crypto/rand, crypto/tls, os/exec, and path/filepath packages, as well > > as bug fixes to the compiler, and the crypto/tls and > > text/template/parse packages. > > https://github.com/golang/go/issues?q=milestone%3AGo1.18.3+label%3ACherryPickApproved > > abieber mentioned https://github.com/golang/go/issues/52814 may warrant > the rebuild of all our ports. If we want to go that route, I can > provide a diff to REVISION bump them.
I highly doubt that this is justified - it is at best a minor information leak for clients that are performing TLSv1.3 with PSK session resumption, using a ticket that the Go TLS server previously provided to them (RFC 8446 section 4.2.11.1 details the impact). > [1]: > https://github.com/openbsd/src/commit/a26b930e92d7c8b0f65a8bb58d831bb5db99b57f > > > Comments? OK? ok jsing@ > Index: Makefile > =================================================================== > RCS file: /cvs/ports/lang/go/Makefile,v > retrieving revision 1.111 > diff -u -p -r1.111 Makefile > --- Makefile 17 May 2022 02:10:06 -0000 1.111 > +++ Makefile 12 Jun 2022 14:59:07 -0000 > @@ -5,7 +5,7 @@ BIN_BOOTSTRAP_VERSION = 1.16 > > COMMENT = Go programming language > > -VERSION = 1.18.2 > +VERSION = 1.18.3 > DISTNAME = go${VERSION}.src > PKGNAME = go-${VERSION} > PKGSPEC = ${FULLPKGNAME:S/go-/go-=/} > Index: distinfo > =================================================================== > RCS file: /cvs/ports/lang/go/distinfo,v > retrieving revision 1.71 > diff -u -p -r1.71 distinfo > --- distinfo 17 May 2022 02:10:06 -0000 1.71 > +++ distinfo 12 Jun 2022 14:59:07 -0000 > @@ -2,9 +2,9 @@ SHA256 (go-openbsd-386-bootstrap-1.16.ta > SHA256 (go-openbsd-arm-bootstrap-1.16.tar.gz) = > DjjCEzU/FnndIrKC8gh5PKAZkKp9Lt49aT3XPqhEWNM= > SHA256 (go-openbsd-arm64-bootstrap-1.16.tar.gz) = > qqc/TtaBfoq5oJcOHoqNZ6+bO+OOIRZoW1zlj19uBVw= > SHA256 (go-openbsd-mips64-bootstrap-1.16.tar.gz) = > dwojdjHgxrLlKC8QbseRYnOf8s/wN/Wx+UkPhH2aeJY= > -SHA256 (go1.18.2.src.tar.gz) = LETQPqLDQJITerkZumAvLCYaA40I60aFKKPzoo5WZ+I= > +SHA256 (go1.18.3.src.tar.gz) = ABI4bdy7XzNQ5AfGeZI4EdvSg/zcQhckkxYUqELsvC0= > SIZE (go-openbsd-386-bootstrap-1.16.tar.gz) = 131493298 > SIZE (go-openbsd-arm-bootstrap-1.16.tar.gz) = 128073881 > SIZE (go-openbsd-arm64-bootstrap-1.16.tar.gz) = 126892240 > SIZE (go-openbsd-mips64-bootstrap-1.16.tar.gz) = 129935270 > -SIZE (go1.18.2.src.tar.gz) = 22837686 > +SIZE (go1.18.3.src.tar.gz) = 22838104 > cvs server: Diffing patches > cvs server: Diffing pkg > Index: pkg/PLIST > =================================================================== > RCS file: /cvs/ports/lang/go/pkg/PLIST,v > retrieving revision 1.59 > diff -u -p -r1.59 PLIST > --- pkg/PLIST 17 May 2022 02:10:06 -0000 1.59 > +++ pkg/PLIST 12 Jun 2022 14:59:08 -0000 > @@ -12025,6 +12025,10 @@ go/test/fixedbugs/issue51531.go > go/test/fixedbugs/issue5162.go > go/test/fixedbugs/issue5172.go > go/test/fixedbugs/issue51839.go > +go/test/fixedbugs/issue52279.dir/ > +go/test/fixedbugs/issue52279.dir/lib.go > +go/test/fixedbugs/issue52279.dir/main.go > +go/test/fixedbugs/issue52279.go > go/test/fixedbugs/issue5231.go > go/test/fixedbugs/issue52438.go > go/test/fixedbugs/issue5244.go > @@ -12964,12 +12968,14 @@ go/test/typeparam/issue51836.dir/a.go > go/test/typeparam/issue51836.dir/aa.go > go/test/typeparam/issue51836.dir/p.go > go/test/typeparam/issue51836.go > +go/test/typeparam/issue51840.go > go/test/typeparam/issue52026.go > go/test/typeparam/issue52117.dir/ > go/test/typeparam/issue52117.dir/a.go > go/test/typeparam/issue52117.dir/b.go > go/test/typeparam/issue52117.go > go/test/typeparam/issue52228.go > +go/test/typeparam/issue52241.go > go/test/typeparam/list.go > go/test/typeparam/list2.go > go/test/typeparam/listimp.dir/
