From: Raspbian automatic forward porter Date: Thu, 10 Jun 2021 21:58:35 +0000 (+0100) Subject: Merge version 1.15.9-3+rpi1 and 1.15.9-5 to produce 1.15.9-5+rpi1 X-Git-Tag: archive/raspbian/1.15.9-5+rpi1 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=3bf83cb61143e3573b77a93b6993ecc7283a67bb;p=golang-1.15.git Merge version 1.15.9-3+rpi1 and 1.15.9-5 to produce 1.15.9-5+rpi1 --- 987bd28e5739184e69b8bb57afe8987cbe2854ec diff --cc debian/changelog index 9d3dc8f5,16f67c41..f6a31139 --- a/debian/changelog +++ b/debian/changelog @@@ -1,14 -1,23 +1,35 @@@ - golang-1.15 (1.15.9-3+rpi1) bullseye-staging; urgency=medium ++golang-1.15 (1.15.9-5+rpi1) bullseye-staging; urgency=medium + + [changes brought forward from golang-1.10 1.10~rc2-1+rpi1 by Peter Michael Green at Sat, 24 Feb 2018 12:22:04 +0000] + * Build with GOARM=6 + * Disable testsuite. + * Fix clean target. + + [changes introduced in golang-1.12 1.12.7-3+rpi1 by Peter Michael Green] + * Further clean target fixing. + - -- Raspbian forward porter Thu, 13 May 2021 16:03:24 +0000 ++ -- Raspbian forward porter Thu, 10 Jun 2021 21:58:35 +0000 ++ + golang-1.15 (1.15.9-5) unstable; urgency=medium + + * Team upload. + * Backport patches for CVE-2021-33195 CVE-2021-33197 CVE-2021-33198 + + CVE-2021-33195: net: Lookup functions may return invalid host names + + CVE-2021-33197: net/http/httputil: ReverseProxy forwards Connection + headers if first one is empty + + CVE-2021-33198: math/big: (*Rat).SetString with "1.770p02041010010011001001" + crashes with "makeslice: len out of range" + + -- Shengjing Zhu Sat, 05 Jun 2021 19:36:34 +0800 + + golang-1.15 (1.15.9-4) unstable; urgency=medium + + * Team upload. + * Backport patch for CVE-2021-33196 + archive/zip: malformed archive may cause panic or memory exhaustion + https://github.com/golang/go/issues/46396 + + -- Shengjing Zhu Wed, 02 Jun 2021 10:56:03 +0800 golang-1.15 (1.15.9-3) unstable; urgency=medium