From: Raspbian automatic forward porter Date: Sun, 27 Mar 2022 06:37:31 +0000 (+0100) Subject: Merge version 1.15.15-1~deb11u2+rpi1 and 1.15.15-1~deb11u4 to produce 1.15.15-1~deb11... X-Git-Tag: archive/raspbian/1.15.15-1_deb11u4+rpi1^0 X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=bbc353a004f71b91843e4e6cd6d4b6e4ce47c025;p=golang-1.15.git Merge version 1.15.15-1~deb11u2+rpi1 and 1.15.15-1~deb11u4 to produce 1.15.15-1~deb11u4+rpi1 --- bbc353a004f71b91843e4e6cd6d4b6e4ce47c025 diff --cc debian/changelog index 4a3bcacc,3f40e5c1..e415bb7a --- a/debian/changelog +++ b/debian/changelog @@@ -1,14 -1,20 +1,32 @@@ - golang-1.15 (1.15.15-1~deb11u2+rpi1) bullseye-staging; urgency=medium ++golang-1.15 (1.15.15-1~deb11u4+rpi1) bullseye-staging; urgency=medium + + [changes brought forward from golang-1.10 1.10~rc2-1+rpi1 by Peter Michael Green at Sat, 24 Feb 2018 12:22:04 +0000] + * Build with GOARM=6 + * Disable testsuite. + * Fix clean target. + + [changes introduced in golang-1.12 1.12.7-3+rpi1 by Peter Michael Green] + * Further clean target fixing. + - -- Raspbian forward porter Tue, 21 Dec 2021 18:45:03 +0000 ++ -- Raspbian forward porter Sun, 27 Mar 2022 06:37:31 +0000 ++ + golang-1.15 (1.15.15-1~deb11u4) bullseye; urgency=medium + + * Backport patch for CVE-2022-24921: + regexp: stack exhaustion compiling deeply nested expressions + + -- Shengjing Zhu Fri, 04 Mar 2022 21:48:18 +0800 + + golang-1.15 (1.15.15-1~deb11u3) bullseye; urgency=medium + + * Backport patches for CVE-2022-23806 CVE-2022-23772 CVE-2022-23773 + + CVE-2022-23806: crypto/elliptic: fix IsOnCurve for big.Int values + that are not valid coordinates + + CVE-2022-23772: math/big: prevent large memory consumption in + Rat.SetString + + CVE-2022-23773: cmd/go: prevent branches from materializing into versions + + -- Shengjing Zhu Fri, 11 Feb 2022 23:45:44 +0800 golang-1.15 (1.15.15-1~deb11u2) bullseye; urgency=medium