""" We have just released Go versions 1.18.2 and 1.17.10, minor point releases. These minor releases include one security fix following the security policy: • syscall: fix Faccessat on Linux When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible. Thanks to Joël Gähwiler (@256dpi) for reporting this. This is CVE-2022-29526 and https://go.dev/issue/52313. """
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4319981885d561dfdad978e7702790e858d37554 commit 4319981885d561dfdad978e7702790e858d37554 Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2022-05-12 15:07:46 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2022-05-12 15:08:13 +0000 dev-lang/go: drop 1.17.8, 1.18.1 Bug: https://bugs.gentoo.org/843644 Signed-off-by: William Hubbs <williamh@gentoo.org> dev-lang/go/Manifest | 2 - dev-lang/go/go-1.17.8.ebuild | 196 ------------------------------------------- dev-lang/go/go-1.18.1.ebuild | 196 ------------------------------------------- 3 files changed, 394 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=6d94c4ca979ae245583bb19c48ae7cbcd76f7670 commit 6d94c4ca979ae245583bb19c48ae7cbcd76f7670 Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2022-05-12 14:46:27 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2022-05-12 15:08:13 +0000 dev-lang/go: add 1.17.10, 1.18.2 Bug: https://bugs.gentoo.org/843644 Signed-off-by: William Hubbs <williamh@gentoo.org> dev-lang/go/Manifest | 2 + dev-lang/go/go-1.17.10.ebuild | 196 ++++++++++++++++++++++++++++++++++++++++++ dev-lang/go/go-1.18.2.ebuild | 196 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 394 insertions(+)
Thanks!
Please cleanup
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b32f1f9b4e9d5b982fa5346d33d4a06ab807d80d commit b32f1f9b4e9d5b982fa5346d33d4a06ab807d80d Author: William Hubbs <williamh@gentoo.org> AuthorDate: 2022-05-17 15:25:20 +0000 Commit: William Hubbs <williamh@gentoo.org> CommitDate: 2022-05-17 15:25:20 +0000 dev-lang/go: drop 1.17.9 Bug: https://bugs.gentoo.org/843644 Signed-off-by: William Hubbs <williamh@gentoo.org> dev-lang/go/Manifest | 1 - dev-lang/go/go-1.17.9.ebuild | 196 ------------------------------------------- 2 files changed, 197 deletions(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=3cb3a96a3023359a20f60ec1f45f10c1fc4012ca commit 3cb3a96a3023359a20f60ec1f45f10c1fc4012ca Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-04 13:53:02 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-04 13:59:34 +0000 [ GLSA 202208-02 ] Go: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/754210 Bug: https://bugs.gentoo.org/766216 Bug: https://bugs.gentoo.org/775326 Bug: https://bugs.gentoo.org/788640 Bug: https://bugs.gentoo.org/794784 Bug: https://bugs.gentoo.org/802054 Bug: https://bugs.gentoo.org/806659 Bug: https://bugs.gentoo.org/807049 Bug: https://bugs.gentoo.org/816912 Bug: https://bugs.gentoo.org/821859 Bug: https://bugs.gentoo.org/828655 Bug: https://bugs.gentoo.org/833156 Bug: https://bugs.gentoo.org/834635 Bug: https://bugs.gentoo.org/838130 Bug: https://bugs.gentoo.org/843644 Bug: https://bugs.gentoo.org/849290 Bug: https://bugs.gentoo.org/857822 Bug: https://bugs.gentoo.org/862822 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-02.xml | 101 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 101 insertions(+)
GLSA released, all done!
