From: Raspbian automatic forward porter <root@raspbian.org>
Date: Fri, 14 Oct 2022 20:00:42 +0000 (+0100)
Subject: Merge version 1.18.6-1+rpi1 and 1.18.7-1 to produce 1.18.7-1+rpi1
X-Git-Tag: archive/raspbian/1.18.7-1+rpi1
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=b8eba5529427bf03d23d9c1f2aeb5d4945dad3e7;p=golang-1.18.git

Merge version 1.18.6-1+rpi1 and 1.18.7-1 to produce 1.18.7-1+rpi1
---

67e27b0d2e6b4d77a0f373c9b1160cdd7d0a76ef
diff --cc debian/changelog
index added3c9,8ba353fc..a06a1fa9
--- a/debian/changelog
+++ b/debian/changelog
@@@ -1,9 -1,13 +1,20 @@@
- golang-1.18 (1.18.6-1+rpi1) bookworm-staging; urgency=medium
++golang-1.18 (1.18.7-1+rpi1) bookworm-staging; urgency=medium
 +
 +  [changes brought forward from 1.18.4-2+rpi1 by Peter Michael Green <plugwash@raspbian.org> at Tue, 09 Aug 2022 16:49:03 +0000]
 +  * Disable testsuite.
 +
-  -- Raspbian forward porter <root@raspbian.org>  Sat, 24 Sep 2022 18:58:16 +0000
++ -- Raspbian forward porter <root@raspbian.org>  Fri, 14 Oct 2022 20:00:41 +0000
++
+ golang-1.18 (1.18.7-1) unstable; urgency=medium
+ 
+   * New upstream version 1.18.7
+     + CVE-2022-2879: archive/tar: unbounded memory consumption when reading
+       headers
+     + CVE-2022-2880: net/http/httputil: ReverseProxy should not forward
+       unparseable query parameters
+     + CVE-2022-41715: regexp/syntax: limit memory used by parsing regexps
+ 
+  -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Tue, 04 Oct 2022 15:34:34 -0500
  
  golang-1.18 (1.18.6-1) unstable; urgency=medium