[Buildroot] [PATCH v1 1/1] package/go: security bump to go1.21.4
Peter Korsgaard
peter at korsgaard.com
Sat Nov 11 13:19:28 UTC 2023
>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:
>>>>> "Christian" == Christian Stewart <christian at aperture.us> writes:
>> Go version 1.21.4 includes the following security fixes:
>> CVE-2023-45283: path/filepath: recognize \??\ as a Root Local Device path prefix.
>> CVE-2023-45284: path/filepath: recognize device names with trailing spaces and superscripts
>> https://go.dev/doc/devel/release#go1.21.4
>> Signed-off-by: Christian Stewart <christian at aperture.us>
> Committed, thanks.
> Can you also send a 1.20.11 bump for 2023.08.x / 2023.02.x?
For 2023.02.x / 2023.08.x I have bumped to 1.20.11 instead.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list