[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Accepted golang-1.22 1.22.1-1 (source) into unstable

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 06 Mar 2024 15:09:10 +0800
Source: golang-1.22
Architecture: source
Version: 1.22.1-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Compiler Team <team+go-compiler@tracker.debian.org>
Changed-By: Shengjing Zhu <zhsj@debian.org>
Closes: 1065368
Changes:
 golang-1.22 (1.22.1-1) unstable; urgency=medium
 .
   * Team upload
   * New upstream version 1.22.1
     + CVE-2024-24783: crypto/x509: Verify panics on certificates with an
       unknown public key algorithm
     + CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm
     + CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of
       sensitive headers and cookies on HTTP redirect
     + CVE-2024-24785: html/template: errors returned from MarshalJSON methods
       may break template escaping
     + CVE-2024-24784: net/mail: comments in display names are incorrectly
       handled
   * Update upstream signing key
   * Backport patch to fix external link on riscv64 (Closes: #1065368)
Checksums-Sha1:
 9c30b1525e8f6620ec597a9ce10d548972794b85 2524 golang-1.22_1.22.1-1.dsc
 81651938663134518593c61c611443f1e8ccf7ee 27548577 golang-1.22_1.22.1.orig.tar.gz
 242073cdf4c47e6e8649cc12357ce8dece6faefe 833 golang-1.22_1.22.1.orig.tar.gz.asc
 6ac9b9327473588fb137892c5bbc2a1ae41d6a8f 41676 golang-1.22_1.22.1-1.debian.tar.xz
 619dc8bbd8118e468ff16fbd634a67f01462256c 6545 golang-1.22_1.22.1-1_amd64.buildinfo
Checksums-Sha256:
 979ceb551226b823a79d0b9d5fbdc5bf5625f2e71f66617478e97ff6b306aebc 2524 golang-1.22_1.22.1-1.dsc
 79c9b91d7f109515a25fc3ecdaad125d67e6bdb54f6d4d98580f46799caea321 27548577 golang-1.22_1.22.1.orig.tar.gz
 d217ad270c2dbcd0c952b2033c7b70de03bcac616f5f2134da3a697183902831 833 golang-1.22_1.22.1.orig.tar.gz.asc
 927a564dafacd30c6c4fb7335f8e61894341491f5ef95deade889ef57b73acd2 41676 golang-1.22_1.22.1-1.debian.tar.xz
 7a1fb172dab010dd147049ab374da9c0f776a935085e48f8530a9f8ec932b30b 6545 golang-1.22_1.22.1-1_amd64.buildinfo
Files:
 ad13dda3b2d2a6153decf4f25494ca08 2524 golang optional golang-1.22_1.22.1-1.dsc
 da1a44807b86836323ed475d81ddee8a 27548577 golang optional golang-1.22_1.22.1.orig.tar.gz
 c37a54a6892eb537d501cadf6cc5896f 833 golang optional golang-1.22_1.22.1.orig.tar.gz.asc
 09c2d2353b4cb93a8c641abb07b4c826 41676 golang optional golang-1.22_1.22.1-1.debian.tar.xz
 cc090e32ae080397b606b5e71839aadc 6545 golang optional golang-1.22_1.22.1-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQEzBAEBCgAdFiEEc793ixFTU9Vien7Zh7Iv85yjO70FAmXoHGoACgkQh7Iv85yj
O71i8Qf+Kroz+ymv+HTnhuEDGg+Yq1TNNJCC45ZygKIuraCKwwOQeCXUsJKUkLY6
DFTzftWXagm4kXMKgcz5fhl8XD0lzwljFwSSXhZIvANf/7QeEBzHC2rc22SSDy6X
0bT1F234fX2HUUz83s1u80+EPXH+g6kNh6QQGmPUdC7MQsJ9o4QMRfb04mz14l5a
vxLMlX/sCp1rjovPbXWXDEKu+vchnwUTy5HIyBEvowdHbQeiUNrO0amfKuA9bhF8
hZpADzniqpp5ipHJJOHMEEnelI015zX9WjT8/5nvAnaiXgIZE4sVW+A1pKgk6C8G
7xVY7YYHa4QuGgcV+A1gedOiWxdMFw==
=pDwh
-----END PGP SIGNATURE-----

Attachment: pgpTsTXo35Paf.pgp
Description: PGP signature

Reply to: