Rebuild Todo List golang 1.13.1 security rebuild

Oct. 4, 2019 - Eli Schwartz

Go 1.13.1 has been released and in order to take advantage of the updated runtime, all packages that makedepend on go or go-pie must be rebuilt. This is due to the statically built nature of the language.

This release of Go in particular contains one change from 1.13, fixing CVE-2019-16276. The rebuild list reflects all packages utilizing the `net/http` or `net/textproto` library (and therefore importing the vulnerable code) which must be rebuilt for security purposes.

For more details see:

https://github.com/golang/go/compare/go1.13...go1.13.1
https://github.com/golang/go/commit/5a6ab1ec3e678640befebeb3318b746a64ad986c
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16276

Link to lists of pkgbase values:

Filter Todo List Packages

Select filter criteria
4 packages displayed out of 4 total packages.
Arch Repository Name Current Version Staging Version Maintainers Status Last Touched By
x86_64 Extra alertmanager 0.27.0-2 jelle, demize Complete jelle
x86_64 Extra prometheus 3.0.1-1 jelle, demize, hashworks Complete jelle
x86_64 Extra prometheus-blackbox-exporter 0.25.0-1 jelle, demize Complete jelle
x86_64 Extra prometheus-node-exporter 1.8.2-2 jelle, demize Complete jelle