Accepted golang-1.18 1.18.8-1~bpo11+1 (source) into bullseye-backports

To: debian-backports-changes@lists.debian.org
Subject: Accepted golang-1.18 1.18.8-1~bpo11+1 (source) into bullseye-backports
From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Date: Tue, 22 Nov 2022 06:04:02 +0000
Message-id: <[🔎] E1oxMO2-0018G9-3g@fasolo.debian.org>
Mail-followup-to: debian-backports@lists.debian.org
Reply-to: debian-backports@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Mon, 21 Nov 2022 21:59:26 -0700
Source: golang-1.18
Architecture: source
Version: 1.18.8-1~bpo11+1
Distribution: bullseye-backports
Urgency: medium
Maintainer: Debian Go Compiler Team <team+go-compiler@tracker.debian.org>
Changed-By: Anthony Fok <foka@debian.org>
Changes:
 golang-1.18 (1.18.8-1~bpo11+1) bullseye-backports; urgency=medium
 .
   * Rebuild for bullseye-backports.
 .
 golang-1.18 (1.18.8-1) unstable; urgency=medium
 .
   * New upstream version 1.18.8
     + CVE-2022-41716: syscall, os/exec: unsanitized NUL in environment variables
       On Windows, syscall.StartProcess and os/exec.Cmd did not properly check
       for invalid environment variable values. A malicious environment variable
       value could exploit this behavior to set a value for a different
       environment variable.
 .
 golang-1.18 (1.18.7-1) unstable; urgency=medium
 .
   * New upstream version 1.18.7
     + CVE-2022-2879: archive/tar: unbounded memory consumption when reading
       headers
     + CVE-2022-2880: net/http/httputil: ReverseProxy should not forward
       unparseable query parameters
     + CVE-2022-41715: regexp/syntax: limit memory used by parsing regexps
Checksums-Sha1:
 00d5c79e44bf1b92aa8901dd850fbd8a1b1f687f 2893 golang-1.18_1.18.8-1~bpo11+1.dsc
 864616d883423bd529bbf497650f5562aae28bad 42280 golang-1.18_1.18.8-1~bpo11+1.debian.tar.xz
 cd0bf1b49257d576f5ad205a391c435c905e31c5 7189 golang-1.18_1.18.8-1~bpo11+1_amd64.buildinfo
Checksums-Sha256:
 24349904500b3df0c7d11b49166a2f157dd815f0bcde59fae7ed2af9f315e6a4 2893 golang-1.18_1.18.8-1~bpo11+1.dsc
 847e0b405d425438c43ef0ecf8f78b3e441a58321b93a932ab4744a29b943385 42280 golang-1.18_1.18.8-1~bpo11+1.debian.tar.xz
 1256010b93630b1458f3158a6e38e0ddab2166a02fab0afe0855b80d04276101 7189 golang-1.18_1.18.8-1~bpo11+1_amd64.buildinfo
Files:
 4b57f7ed5fa74350108b9232bb4a52f8 2893 golang optional golang-1.18_1.18.8-1~bpo11+1.dsc
 69dbb4322837cee3f797d099d722199a 42280 golang optional golang-1.18_1.18.8-1~bpo11+1.debian.tar.xz
 ea2ef7c5c679d8786575392cfa054e9c 7189 golang optional golang-1.18_1.18.8-1~bpo11+1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEEFCQhsZrUqVmW+VBy6iUAtBLFms8FAmN8YnQQHGZva2FAZGVi
aWFuLm9yZwAKCRDqJQC0EsWazzSOEACqh78dE1Ro9YLizgBqlAl+RYLovETJ2/iu
NGUyA82uLrh/ucvX3mN1MzXZ7mjTIt1r16ji6LLzcT6YmEnVcJbbHLqTQkq1cEbV
OTApLfobIG2z3eX1IXscLb0BKAf+vpFTqzbH5gDdJFkgTBdEqdU4dYV2bBTDS9ja
OCfiXIC3L5iaeJM9C/ZpoMc7iLgb7S0ClGew58kqbPfmyFnK735kfievdPXYJ+t8
eUb7Jt3TlD1rxv4s1eVOYw6XEsQxP24uA3uKY+e58EH9Ddn0g3FkKIIOiDXK0gJj
ctSdPhBFuilqeREzX6+hqukva6mgmjjAGOCF2d2PbMpsn/tkv9HBNiocOWb1gmRI
aqA++fzEFGphDKLjubL6oxenP4iK/fCaVlIYPHENiKTRt6+S3KxscZINi+D2SKKG
SSEWLZ5nvFAumubfTz4D30xhpZRWvIrtlHsGwPD1l178xLDOXNdizY2o038C3FuG
Ei+i5FVBORMxbXr7CknSEQnTkMyviqehzLT7XHQ3x/Pa+LQ3AyMa9oQvHRyJ+906
5E2GQdIY7wrK69y8fY/+S+J29n3bbXbPR3j2VjI0XLJryDBNRCs9l8T9z5lh3XLc
ZTYKGOeNgd/GF91pC8ZOAd/XRWLSeygrwNn8rbNbfZRD8b8PN8xpB1dDxBQSMkul
JDkiUIuv/g==
=OXcx
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: Accepted golang-1.19 1.19.3-1~bpo11+1 (source) into bullseye-backports
Next by Date: Accepted limnoria 2022.11.10-1~bpo11+1 (source) into bullseye-backports
Previous by thread: Accepted golang-1.19 1.19.3-1~bpo11+1 (source) into bullseye-backports
Next by thread: Accepted limnoria 2022.11.10-1~bpo11+1 (source) into bullseye-backports
Index(es):
- Date
- Thread