diff options
| author | Sharlatan Hellseher <sharlatanus@gmail.com> | 2026-03-12 11:09:13 +0000 |
|---|---|---|
| committer | Sharlatan Hellseher <sharlatanus@gmail.com> | 2026-03-12 11:18:05 +0000 |
| commit | 391200d0541beccd73cbf487ade240124403a994 (patch) | |
| tree | c62282b3d3a6f64f3b1c9e65e03e5545bba44bca /gnu | |
| parent | ac0efb2c97fbe7175bb31e9800e7d6ad0af80d97 (diff) | |
gnu: go-1.25: Update to 1.25.8 [security-fixes].
go1.25.8 (released 2026-03-05) includes security fixes to the
html/template, net/url, and os packages, as well as bug fixes to the go
command, the compiler, and the os package.
See: <https://github.com/golang/go/compare/go1.25.7...go1.25.8>,
<https://www.openwall.com/lists/oss-security/2026/03/06/1>
Containes fixes for:
CVE-2026-27142: URLs in meta content attribute actions are not escaped
in html/template.
CVE-2026-25679: Incorrect parsing of IPv6 host literals in net/url.
CVE-2026-27139: FileInfo can escape from a Root in os.
* gnu/packages/golang.scm (go-1.25): Update to 1.25.8.
Change-Id: I01a80a78f20075fe6c05c46f97dfe35f770a99a0
Diffstat (limited to 'gnu')
| -rw-r--r-- | gnu/packages/golang.scm | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/gnu/packages/golang.scm b/gnu/packages/golang.scm index 06ba31d26a1..934aac57eff 100644 --- a/gnu/packages/golang.scm +++ b/gnu/packages/golang.scm @@ -1125,7 +1125,7 @@ in the style of communicating sequential processes (@dfn{CSP}).") (package (inherit go-1.24) (name "go") - (version "1.25.7") + (version "1.25.8") (source (origin (method git-fetch) @@ -1134,7 +1134,7 @@ in the style of communicating sequential processes (@dfn{CSP}).") (commit (string-append "go" version)))) (file-name (git-file-name name version)) (sha256 - (base32 "0mjygpbswf91af07bbc1xpbw1adbcd210401rp5wpqv6d5rqn3jc")))) + (base32 "0vgz80mrxlkljr8ynficwvshinirqxbiv2ikscf941ladbv0g604")))) (arguments (substitute-keyword-arguments (package-arguments go-1.24) ((#:phases phases) |