dgit.raspbian.org Git - golang-1.11.git/commit

author	Shengjing Zhu <zhsj@debian.org>
	Sun, 24 Jan 2021 19:15:38 +0000 (19:15 +0000)
committer	Shengjing Zhu <zhsj@debian.org>
	Sun, 24 Jan 2021 19:15:38 +0000 (19:15 +0000)
commit	9ee495ac648596489dd8325d8104fdf410f6375f
tree	8f07f4d29bdecb5747aede20d3181d7a504fafc4	tree \| snapshot
parent	9bf8eaf24c702460873dee06c667ef604e74db5d	commit \| diff
parent	293619570d43d2996e35fd3a3cf8055b400ba709	commit \| diff

golang-1.11 (1.11.6-1+deb10u4) buster-security; urgency=high

  * Team upload.

  [ Dr. Tobias Quathamer ]
  * cryptobyte: fix panic due to malformed ASN.1 inputs on 32-bit archs
    https://github.com/golang/go/issues/36837
    CVE-2020-7919
  * net/http: Expect 100-continue panics in httputil.ReverseProxy
    https://github.com/golang/go/issues/34902
    CVE-2020-15586
  * encoding/binary: ReadUvarint and ReadVarint can read an unlimited
    number of bytes from invalid inputs
    https://github.com/golang/go/issues/40618
    CVE-2020-16845

  [ Shengjing Zhu ]
  * crypto/elliptic: incorrect operations on the P-224 curve
    https://github.com/golang/go/issues/43786
    CVE-2021-3114

[dgit import unpatched golang-1.11 1.11.6-1+deb10u4]

39 files changed:

debian/changelog	\|	\|	blob
debian/compat	\|	\|	blob
debian/control	\|	\|	blob
debian/control.in	\|	\|	blob
debian/copyright	\|	\|	blob
debian/docs	\|	\|	blob
debian/gbp.conf	\|	\|	blob
debian/gbp.conf.in	\|	\|	blob
debian/golang-X.Y-doc.dirs	\|	\|	blob
debian/golang-X.Y-doc.install	\|	\|	blob
debian/golang-X.Y-doc.links	\|	\|	blob
debian/golang-X.Y-doc.lintian-overrides	\|	\|	blob
debian/golang-X.Y-go.dirs	\|	\|	blob
debian/golang-X.Y-go.install	\|	\|	blob
debian/golang-X.Y-go.links	\|	\|	blob
debian/golang-X.Y-go.lintian-overrides	\|	\|	blob
debian/golang-X.Y-go.postinst	\|	\|	blob
debian/golang-X.Y-src.install	\|	\|	blob
debian/golang-X.Y-src.lintian-overrides	\|	\|	blob
debian/helpers/goenv.sh	\|	\|	blob
debian/patches/0001-Reproducible-BUILD_PATH_PREFIX_MAP.patch	\|	\|	blob
debian/patches/0002-Fix-Lintian-warnings-about-wrong-interpreter-path.patch	\|	\|	blob
debian/patches/0003-arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch	\|	\|	blob
debian/patches/0004-fix-Fstatat-by-using-fillStat_t-on-linux-mips64x.patch	\|	\|	blob
debian/patches/0005-Fix-CVE-2019-9512-and-CVE-2019-9514.patch	\|	\|	blob
debian/patches/0006-Fix-CVE-2019-14809.patch	\|	\|	blob
debian/patches/0007-Fix-CVE-2019-16276.patch	\|	\|	blob
debian/patches/0008-Fix-CVE-2019-17596.patch	\|	\|	blob
debian/patches/0009-Fix-CVE-2020-7919.patch	\|	\|	blob
debian/patches/0010-Fix-CVE-2020-15586.patch	\|	\|	blob
debian/patches/0011-Fix-CVE-2020-16845.patch	\|	\|	blob
debian/patches/0012-Fix-CVE-2021-3114.patch	\|	\|	blob
debian/patches/series	\|	\|	blob
debian/rules	\|	\|	blob
debian/source/format	\|	\|	blob
debian/source/lintian-overrides	\|	\|	blob
debian/source/lintian-overrides.in	\|	\|	blob
debian/watch	\|	\|	blob
debian/watch.in	\|	\|	blob

Unnamed repository; edit this file 'description' to name the repository.

RSS Atom