From: Raspbian automatic forward porter <root@raspbian.org>
Date: Sat, 17 Dec 2022 14:55:27 +0000 (+0000)
Subject: Merge version 1.18.8-1+rpi1 and 1.18.9-1 to produce 1.18.9-1+rpi1
X-Git-Tag: raspbian/1.18.9-1+rpi1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=22fa56fd2f3d65b67d1a8c4d77528e8ecd98cbc8;p=golang-1.18.git

Merge version 1.18.8-1+rpi1 and 1.18.9-1 to produce 1.18.9-1+rpi1
---

1ec1608b440fde6a46d69fdb30169483083a3ee5
diff --cc debian/changelog
index f16491a4,38c3d7c7..49b3c3fc
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,12 +1,19 @@@
- golang-1.18 (1.18.8-1+rpi1) bookworm-staging; urgency=medium
++golang-1.18 (1.18.9-1+rpi1) bookworm-staging; urgency=medium
 +
 +  [changes brought forward from 1.18.4-2+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Tue, 09 Aug 2022 16:49:03 +0000]
 +  * Disable testsuite.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Tue, 15 Nov 2022 10:38:05 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Sat, 17 Dec 2022 14:55:27 +0000
++
+ golang-1.18 (1.18.9-1) unstable; urgency=medium
+ 
+   * New upstream version 1.18.9
+     + CVE-2022-41720: os, net/http: avoid escapes from os.DirFS and http.Dir
+       on Windows
+     + CVE-2022-41717: net/http: limit canonical header cache by bytes, not
+       entries
+ 
+  -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Tue, 06 Dec 2022 13:39:48 -0600
  
  golang-1.18 (1.18.8-1) unstable; urgency=medium