go: security bump to version 1.10.2 - buildroot

diff options

author	Anisse Astier <anisse@astier.eu>	2018-05-11 22:50:37 +0200
committer	Thomas Petazzoni <thomas.petazzoni@bootlin.com>	2018-05-11 23:10:27 +0200
commit	81815b85a20d09b8346322ad025c2bb430d17ed3 (patch)
tree	6c47e418365c6f7fec723a3d9461f2269bf612f0 /package/python-websockets/0001-Fix-behavior-of-recv-in-the-CLOSING-state.patch
parent	486334dd819b15943b6f9e93868a354be0b8ab20 (diff)
download	buildroot-81815b85a20d09b8346322ad025c2bb430d17ed3.tar.gz buildroot-81815b85a20d09b8346322ad025c2bb430d17ed3.zip

go: security bump to version 1.10.2

This bump contains many bug fixes, as well as the following security issue, patched in Go 1.10.1: CVE-2018-7187: The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path (get/vcs.go only checks for "://" anywhere in the string), which allows remote attackers to execute arbitrary OS commands via a crafted web site. Signed-off-by: Anisse Astier <anisse@astier.eu> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>

Diffstat (limited to 'package/python-websockets/0001-Fix-behavior-of-recv-in-the-CLOSING-state.patch')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: