fix CVE-2017-15041 and CVE-2017-15042

2017-10-06 13:58:06 +02:00 · 2017-10-06 13:58:06 +02:00 · 45568fd716
parent 96c389d958
commit 45568fd716
3 changed files with 8 additions and 4 deletions
--- a/.gitignore
+++ b/.gitignore
@ -41,3 +41,4 @@
 /go1.8.src.tar.gz
 /go1.8.1.src.tar.gz
 /go1.8.3.src.tar.gz
+/go1.8.4.src.tar.gz
--- a/golang.spec
+++ b/golang.spec
@ -94,11 +94,11 @@
 %endif

 %global go_api 1.8
-%global go_version 1.8.3
+%global go_version 1.8.4

 Name:           golang
-Version:        1.8.3
-Release:        2%{?dist}
+Version:        1.8.4
+Release:        1%{?dist}
 Summary:        The Go Programming Language
 # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
 License:        BSD and Public Domain
@ -509,6 +509,9 @@ fi
 %endif

 %changelog
+* Fri Oct 06 2017 Jakub Čajka <jcajka@redhat.com> - 1.8.4-1
+- fix CVE-2017-15041 and CVE-2017-15042
+
 * Fri Jul 14 2017 Jakub Čajka <jcajka@redhat.com> - 1.8.3-2
 - apply the s390x workaround

--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (go1.8.3.src.tar.gz) = c6e67dd9e3acdf2aa776d920f91f3fb1802d624ba5d51e06b2c7c6b71bcfaf91f4024f7a442cecde69175c589f7f1163f0ae86d887e15ddde710e53ce0961284
+SHA512 (go1.8.4.src.tar.gz) = 7b1954374c3f87b48246a58906bb2c50d6cf24fbb6e64abed2aef373ac22b35bdfe60e3e9b609e4daba8a91181abba2d62da1aa427f3c3c3bc6944939a40c156