Rebuild Todo List golang 1.13.1 security rebuild

2019-10-04 - Eli Schwartz

Go 1.13.1 has been released and in order to take advantage of the updated runtime, all packages that makedepend on go or go-pie must be rebuilt. This is due to the statically built nature of the language.

This release of Go in particular contains one change from 1.13, fixing CVE-2019-16276. The rebuild list reflects all packages utilizing the `net/http` or `net/textproto` library (and therefore importing the vulnerable code) which must be rebuilt for security purposes.

For more details see:

https://github.com/golang/go/compare/go1.13...go1.13.1
https://github.com/golang/go/commit/5a6ab1ec3e678640befebeb3318b746a64ad986c
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16276

Link to lists of pkgbase values:

Filter Todo List Packages

Select filter criteria
4 packages displayed out of 4 total packages.
Arch Repository Name Current Version Staging Version Maintainers Status Last Touched By
x86_64 Extra alertmanager 0.27.0-1 jelle, demize Complete jelle
x86_64 Extra prometheus 2.51.2-1 jelle, demize, hashworks Complete jelle
x86_64 Extra prometheus-blackbox-exporter 0.24.0-1 jelle, demize Complete jelle
x86_64 Extra prometheus-node-exporter 1.7.0-1 jelle, demize Complete jelle