From: Raspbian automatic forward porter <root@raspbian.org>
Date: Wed, 10 Feb 2021 04:36:24 +0000 (+0000)
Subject: Merge version 1.11.6-1+rpi1+deb10u2 and 1.11.6-1+deb10u4 to produce 1.11.6-1+rpi1... 
X-Git-Tag: archive/raspbian/1.11.6-1+rpi1+deb10u4^0
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=8b80a12c4f8044b8ab6fc416c15fd8ba03e86e2a;p=golang-1.11.git

Merge version 1.11.6-1+rpi1+deb10u2 and 1.11.6-1+deb10u4 to produce 1.11.6-1+rpi1+deb10u4
---

8b80a12c4f8044b8ab6fc416c15fd8ba03e86e2a
diff --cc debian/changelog
index f4eb927,e33669a..1ea16cf
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,11 -1,33 +1,42 @@@
- golang-1.11 (1.11.6-1+rpi1+deb10u2) buster-staging; urgency=medium
++golang-1.11 (1.11.6-1+rpi1+deb10u4) buster-staging; urgency=medium
 +
 +  [changes brought forward from golang-1.10 1.10~rc2-1+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Sat, 24 Feb 2018 12:22:04 +0000]
 +  * Build with GOARM=6
 +  * Disable testsuite.
 +  * Fix clean target.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Fri, 04 Oct 2019 01:12:15 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Wed, 10 Feb 2021 04:36:24 +0000
++
+ golang-1.11 (1.11.6-1+deb10u4) buster-security; urgency=high
+ 
+   * Team upload.
+ 
+   [ Dr. Tobias Quathamer ]
+   * cryptobyte: fix panic due to malformed ASN.1 inputs on 32-bit archs
+     https://github.com/golang/go/issues/36837
+     CVE-2020-7919
+   * net/http: Expect 100-continue panics in httputil.ReverseProxy
+     https://github.com/golang/go/issues/34902
+     CVE-2020-15586
+   * encoding/binary: ReadUvarint and ReadVarint can read an unlimited
+     number of bytes from invalid inputs
+     https://github.com/golang/go/issues/40618
+     CVE-2020-16845
+ 
+   [ Shengjing Zhu ]
+   * crypto/elliptic: incorrect operations on the P-224 curve
+     https://github.com/golang/go/issues/43786
+     CVE-2021-3114
+ 
+  -- Shengjing Zhu <zhsj@debian.org>  Mon, 25 Jan 2021 03:15:38 +0800
+ 
+ golang-1.11 (1.11.6-1+deb10u3) buster-security; urgency=high
+ 
+   * crypto/dsa: prevent bad public keys from causing panic
+     https://github.com/golang/go/issues/34960
+     CVE-2019-17596
+ 
+  -- Dr. Tobias Quathamer <toddy@debian.org>  Sat, 19 Oct 2019 14:12:42 +0200
  
  golang-1.11 (1.11.6-1+deb10u2) buster-security; urgency=high