Rebuild Todo List golang 1.13.1 security rebuild
Oct. 4, 2019 - Eli Schwartz
Go 1.13.1 has been released and in order to take advantage of the updated runtime, all packages that makedepend on go or go-pie must be rebuilt. This is due to the statically built nature of the language.
This release of Go in particular contains one change from 1.13, fixing CVE-2019-16276. The rebuild list reflects all packages utilizing the `net/http` or `net/textproto` library (and therefore importing the vulnerable code) which must be rebuilt for security purposes.
For more details see:
https://github.com/golang/go/compare/go1.13...go1.13.1
https://github.com/golang/go/commit/5a6ab1ec3e678640befebeb3318b746a64ad986c
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16276
Filter Todo List Packages
Arch | Repository | Name | Current Version | Staging Version | Maintainers | Status | Last Touched By |
---|---|---|---|---|---|---|---|
x86_64 | Extra | alertmanager | 0.27.0-2 | jelle, demize | Complete | jelle | |
x86_64 | Extra | prometheus | 3.0.0-1 | jelle, demize, hashworks | Complete | jelle | |
x86_64 | Extra | prometheus-blackbox-exporter | 0.25.0-1 | jelle, demize | Complete | jelle | |
x86_64 | Extra | prometheus-node-exporter | 1.8.2-2 | jelle, demize | Complete | jelle |