From: Raspbian automatic forward porter <root@raspbian.org>
Date: Sun, 9 Feb 2020 10:42:09 +0000 (+0000)
Subject: Merge version 1.13.6-2+rpi1 and 1.13.7-1 to produce 1.13.7-1+rpi1
X-Git-Tag: archive/raspbian/1.13.7-1+rpi1^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=738a703431f3b2643af94293e68bd021c235f6aa;p=golang-1.13.git

Merge version 1.13.6-2+rpi1 and 1.13.7-1 to produce 1.13.7-1+rpi1
---

738a703431f3b2643af94293e68bd021c235f6aa
diff --cc debian/changelog
index 406ab9a,0c7317d..7dc177d
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,14 -1,15 +1,27 @@@
- golang-1.13 (1.13.6-2+rpi1) bullseye-staging; urgency=medium
++golang-1.13 (1.13.7-1+rpi1) bullseye-staging; urgency=medium
 +
 +  [changes brought forward from golang-1.10 1.10~rc2-1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 24 Feb 2018 12:22:04 +0000]
 +  * Build with GOARM=6
 +  * Disable testsuite.
 +  * Fix clean target.
 +
 +  [changes introduced in golang-1.12 1.12.7-3+rpi1 by Peter Michael Green]
 +  * Further clean target fixing.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Tue, 28 Jan 2020 20:50:59 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Sun, 09 Feb 2020 10:42:08 +0000
++
+ golang-1.13 (1.13.7-1) unstable; urgency=medium
+ 
+   * New upstream version 1.13.7
+     - cryptobyte: fix panic due to malformed ASN.1 inputs on 32-bit archs.
+       When int is 32 bits wide (on 32-bit architectures like 386 and arm),
+       an overflow could occur, causing a panic, due to malformed ASN.1
+       being passed to any of the ASN1 methods of String.
+       This fixes CVE-2020-7919 and was found thanks to the
+       Project Wycheproof test vectors.
+   * Update upstream's signing key
+ 
+  -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 31 Jan 2020 21:47:40 +0100
  
  golang-1.13 (1.13.6-2) unstable; urgency=medium