Accepted golang-1.19 1.19.13-1~bpo11+1 (source) into oldstable-backports-sloppy
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 12 Nov 2023 19:19:47 -0700
Source: golang-1.19
Architecture: source
Version: 1.19.13-1~bpo11+1
Distribution: bullseye-backports-sloppy
Urgency: medium
Maintainer: Debian Go Compiler Team <team+go-compiler@tracker.debian.org>
Changed-By: Anthony Fok <foka@debian.org>
Changes:
golang-1.19 (1.19.13-1~bpo11+1) bullseye-backports-sloppy; urgency=medium
.
* Rebuild for bullseye-backports-sloppy.
.
golang-1.19 (1.19.13-1) unstable; urgency=medium
.
* Team upload
* New upstream version 1.19.13
+ Improve backward compatibility for fixes of CVE-2023-29409
and CVE-2023-29406.
.
golang-1.19 (1.19.12-2~bpo11+1) bullseye-backports-sloppy; urgency=medium
.
* Rebuild for bullseye-backports-sloppy.
.
golang-1.19 (1.19.12-2) unstable; urgency=medium
.
* Team upload
* Backport patch to fix link tests on riscv64
.
golang-1.19 (1.19.12-1) unstable; urgency=medium
.
* Team upload
* New upstream version 1.19.12
+ CVE-2023-29409: crypto/tls: restrict RSA keys in certificates
to <= 8192 bits
.
golang-1.19 (1.19.11-1) unstable; urgency=medium
.
* Team upload
* New upstream version 1.19.11
+ CVE-2023-29406: net/http: insufficient sanitization of Host header
* Add autopkgtest
.
golang-1.19 (1.19.10-2) unstable; urgency=medium
.
* Team upload
* Upload to unstable
.
golang-1.19 (1.19.10-1) experimental; urgency=medium
.
* Team upload
* New upstream version 1.19.10
+ CVE-2023-29402: cmd/go: cgo code injection
+ CVE-2023-29403: runtime: unexpected behavior of setuid/setgid binaries
+ CVE-2023-29404/CVE-2023-29405: cmd/go: improper sanitization of LDFLAGS
.
golang-1.19 (1.19.9-1) experimental; urgency=medium
.
* Team upload
* New upstream version 1.19.9
+ CVE-2023-24539: html/template: improper sanitization of CSS values
+ CVE-2023-24540: html/template: improper handling of JavaScript whitespace
+ CVE-2023-29400: html/template: improper handling of empty HTML attributes
Checksums-Sha1:
29744d0235e8f6820b3803305e0209b73c6bb793 2962 golang-1.19_1.19.13-1~bpo11+1.dsc
877fbdbf4bb48d364444d832384967e5c7ca5f73 43472 golang-1.19_1.19.13-1~bpo11+1.debian.tar.xz
1a3b49601c87531e3cdc8a2b09b212ba8883175f 7262 golang-1.19_1.19.13-1~bpo11+1_amd64.buildinfo
Checksums-Sha256:
57c7813333eb49119bdcd117aa1c6aec860184815f81420dd0753d4f9e987450 2962 golang-1.19_1.19.13-1~bpo11+1.dsc
1f9e75a0a3ed8f7288ce9882cc099e46a573e3c0cf1f8163be5b4639aa768d5f 43472 golang-1.19_1.19.13-1~bpo11+1.debian.tar.xz
597887915713f249336fe9b495d5458ef42f6fb8afc3263d9b2d854390553f01 7262 golang-1.19_1.19.13-1~bpo11+1_amd64.buildinfo
Files:
e36bf09fc2420e594622fe910d251093 2962 golang optional golang-1.19_1.19.13-1~bpo11+1.dsc
8b4a99e25782194d2ca6a4f8844ffb86 43472 golang optional golang-1.19_1.19.13-1~bpo11+1.debian.tar.xz
827d6d4f86610d592789a8f7360f033d 7262 golang optional golang-1.19_1.19.13-1~bpo11+1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJEBAEBCAAuFiEEFCQhsZrUqVmW+VBy6iUAtBLFms8FAmVRkhwQHGZva2FAZGVi
aWFuLm9yZwAKCRDqJQC0EsWaz2iUEACwf9jD2nYWZyVN4ahENxN3650H7iQES2Ng
8tut+DpAIOlM3+VsgBrg+oFBdvKouLabKF8M4EFrQ8uO+GXyO6HtSg8VbBq8yFGE
rDfvmXSseA5xprtjqIf0lgsDbiujHFGJuPqL7NYJ9vMe/gN6XUZtFNgoh2vNTlC5
jsFV4JPqPtxbfK0rj4HLhZUQd6hq4AIPJz6IgtidhF//RLwJy/Yw16WbtX2mmeVq
+5po90Pwz87YkVSPnCPVVJ53dp9yqWSctZgsB+bU4fjOmulElgJh8q47djJ0Qenm
xoOZDRQaQCSeL0n9TUs/E2unmvxzSK1z7ncqJ9UxOWfcwUZ6KjPcZjsnKnyBDOz2
MJzwL6KpUjSmeOOjx1hKvwdwmcBFAxj8kQmmsDj7/bvJ3beL87cOdka4pSEc6x0I
BH/npsGKYuEeDphWfc2CDcfAvPssrA+VKyPOnp8LBiFGpwoP7dFwIKogoLObZms9
3KAFn9FRDlpp+tJT4gnUvvEdOfsEbiA3owDP9V7Z1TT53nAHI7BfABQfd7HnWqfd
+srNMKZWnOqhZEFwPF69JP7C+byyqcjtkisCFQRwdCoOHlpBK0nZmmUlD8ojR7cF
cMS+3wweo6qvhMvrSyFPA9qYsTyZ9JRgj7DjiUYAIUJZo6O0whj6EJUnhbrs69kD
6vhQq6+PBQ==
=QiF8
-----END PGP SIGNATURE-----
Reply to: