golang-1.7 (1.7.4-2+deb9u5) stretch-security; urgency=high

  * Non-maintainer upload by the LTS Security Team.
  * CVE-2022-23772: Rat.SetString in math/big has an overflow that can
    lead to Uncontrolled Memory Consumption.
  * CVE-2022-23806: Curve.IsOnCurve in crypto/elliptic can incorrectly
    return true in situations with a big.Int value that is not a valid
    field element.
  * CVE-2022-24921: regexp.Compile allows stack exhaustion via a deeply
    nested expression.

[dgit import unpatched golang-1.7 1.7.4-2+deb9u5]