From owner-svn-ports-all@freebsd.org Mon Jan 18 14:10:45 2016 Return-Path: Delivered-To: svn-ports-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 00D22A879EA; Mon, 18 Jan 2016 14:10:45 +0000 (UTC) (envelope-from junovitch@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:1900:2254:206c::16:87]) by mx1.freebsd.org (Postfix) with ESMTP id EA58918C2; Mon, 18 Jan 2016 14:10:44 +0000 (UTC) (envelope-from junovitch@FreeBSD.org) Received: from Silverstone.nc-us.unovitch.com (localhost [IPv6:::1]) by freefall.freebsd.org (Postfix) with ESMTP id 596C81973; Mon, 18 Jan 2016 14:10:44 +0000 (UTC) (envelope-from junovitch@FreeBSD.org) Date: Mon, 18 Jan 2016 09:10:44 -0500 From: Jason Unovitch To: Julien Laffaye Cc: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: Re: svn commit: r406071 - head/lang/go Message-ID: <20160118141044.GB18741@Silverstone.nc-us.unovitch.com> References: <201601132211.u0DMB672024638@repo.freebsd.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; x-action=pgp-signed In-Reply-To: <201601132211.u0DMB672024638@repo.freebsd.org> User-Agent: Mutt/1.5.24 (2015-08-30) X-BeenThere: svn-ports-all@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: SVN commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jan 2016 14:10:45 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On Wed, Jan 13, 2016 at 10:11:06PM +0000, Julien Laffaye wrote: > Author: jlaffaye > Date: Wed Jan 13 22:11:05 2016 > New Revision: 406071 > URL: https://svnweb.freebsd.org/changeset/ports/406071 > > Log: > - Update to 1.5.3 > Julien, Looks like this this would need to MFH. Any thoughts on the best way to handle the language from the announcement? Should we bump PORTREVISION on some/all Go programs to meet the "must be recompiled with Go 1.5.3 in order to receive the fix". http://www.openwall.com/lists/oss-security/2016/01/13/7 "A security-related issue has been reported in Go's math/big package. The issue was introduced in Go 1.5. We recommend that all users upgrade to Go 1.5.3, which fixes the issue. Go programs must be recompiled with Go 1.5.3 in order to receive the fix." -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQF8BAEBCgBmBQJWnPJjXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ0NURGNTQ1OTkzQkJFMzc3OTNDQUNERUU2 RkQ0OUMzMDE2MUNBQTZFAAoJEG/UnDAWHKpum00IAKa7XCcrBSFkRG3xAcpagaIp IE18LVToAjs4PVeLWOaIbbEuimCZdKG5hI+CwloMiWJDu0uAe2+RmA0SPqX92WbL Wumyqet4vVH6HQTHxw/bq/nJcjdogcwVOOadj8qcSHfpNJmazCDjCvBs5dM4exac 5M85zfu74STjzkZVSGLCSo/HHj2jyvRIPUu33DqZgntKw3MjDGUPkTEl94EoSNZt JQi9vB4ihvf+crKZ4B1Pdqs/syfrNGMk9MEg27aeP7nuZTeSJVaxW+YWAgnSJeLV ws2WDAbpGQqf9/gqqZzxqrKO/B2KifQj17p8exYmsazLBHOIR9ZMiGG2hjLFfYs= =Tppc -----END PGP SIGNATURE-----