From: Raspbian automatic forward porter <root@raspbian.org>
Date: Tue, 21 Dec 2021 18:45:04 +0000 (+0000)
Subject: Merge version 1.15.9-6+rpi1 and 1.15.15-1~deb11u2 to produce 1.15.15-1~deb11u2+rpi1
X-Git-Tag: archive/raspbian/1.15.15-1_deb11u2+rpi1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=1057456d60d72e6cd1ef3fe245d256f38188081f;p=golang-1.15.git

Merge version 1.15.9-6+rpi1 and 1.15.15-1~deb11u2 to produce 1.15.15-1~deb11u2+rpi1
---

96e0a8bafa72562f85f9fff4392f01869f74ed0f
diff --cc debian/changelog
index f709eab0,e664d19f..4a3bcacc
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,14 -1,43 +1,55 @@@
- golang-1.15 (1.15.9-6+rpi1) bullseye-staging; urgency=medium
++golang-1.15 (1.15.15-1~deb11u2+rpi1) bullseye-staging; urgency=medium
 +
 +  [changes brought forward from golang-1.10 1.10~rc2-1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 24 Feb 2018 12:22:04 +0000]
 +  * Build with GOARM=6
 +  * Disable testsuite.
 +  * Fix clean target.
 +
 +  [changes introduced in golang-1.12 1.12.7-3+rpi1 by Peter Michael Green]
 +  * Further clean target fixing.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Sat, 07 Aug 2021 18:29:29 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Tue, 21 Dec 2021 18:45:03 +0000
++
+ golang-1.15 (1.15.15-1~deb11u2) bullseye; urgency=medium
+ 
+   * Backport patch for CVE-2021-38297
+     When invoking functions from WASM modules, built using GOARCH=wasm GOOS=js,
+     passing very large arguments can cause portions of the module to be
+     overwritten with data from the arguments.
+   * Backport patch for CVE-2021-41771
+     debug/macho: invalid dynamic symbol table command can cause panic
+   * Backport patch for CVE-2021-44716
+     net/http: limit growth of header canonicalization cache
+   * Backport patch for CVE-2021-44717
+     syscall: don’t close fd 0 on ForkExec error
+ 
+  -- Shengjing Zhu <zhsj@debian.org>  Sat, 04 Dec 2021 17:37:57 +0800
+ 
+ golang-1.15 (1.15.15-1~deb11u1) bullseye; urgency=medium
+ 
+   [ Anthony Fok ]
+   * Fix Lintian warning tab-in-license-text
+     debian/copyright (starting at line 381)
+ 
+   [ Shengjing Zhu ]
+   * Rebuild 1.15.15 for bullseye
+     + Include fix for CVE-2021-36221 (Closes: #991961)
+       net/http: panic due to racy read of persistConn after handler panic
+   * Backport patch for CVE-2021-39293
+     archive/zip: overflow in preallocation check can cause OOM panic
+ 
+  -- Shengjing Zhu <zhsj@debian.org>  Sat, 11 Sep 2021 15:54:07 +0800
+ 
+ golang-1.15 (1.15.15-1) unstable; urgency=medium
+ 
+   * Team upload.
+   * New upstream version 1.15.15
+   * Remove security patches which were previously backported
+     for 1.15.9 but are already in 1.15.15
+   * Update Standards-Version to 4.5.1, no changes needed
+   * Change Section from devel to golang
+ 
+  -- Anthony Fok <foka@debian.org>  Sun, 15 Aug 2021 16:44:15 -0600
  
  golang-1.15 (1.15.9-6) unstable; urgency=medium