-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 05 Jun 2021 19:36:34 +0800 Source: golang-1.15 Architecture: source Version: 1.15.9-5 Distribution: unstable Urgency: medium Maintainer: Go Compiler Team <team+go-compiler@tracker.debian.org> Changed-By: Shengjing Zhu <zhsj@debian.org> Changes: golang-1.15 (1.15.9-5) unstable; urgency=medium . * Team upload. * Backport patches for CVE-2021-33195 CVE-2021-33197 CVE-2021-33198 + CVE-2021-33195: net: Lookup functions may return invalid host names + CVE-2021-33197: net/http/httputil: ReverseProxy forwards Connection headers if first one is empty + CVE-2021-33198: math/big: (*Rat).SetString with "1.770p02041010010011001001" crashes with "makeslice: len out of range" Checksums-Sha1: c397d2054f89fd2701f28390e9cbfb95407b0a62 2028 golang-1.15_1.15.9-5.dsc f98e8e45995ba3b5667025b365e474c4619b311c 49224 golang-1.15_1.15.9-5.debian.tar.xz 687c38a5594d3ea0f82972f731f5167ff8683d85 6068 golang-1.15_1.15.9-5_amd64.buildinfo Checksums-Sha256: c3bcefb57bcbc549960eb19b429b0bd71e5de9d12145c42862d1aa76104910c6 2028 golang-1.15_1.15.9-5.dsc 2aa9310f509743f932500981dfe50cbe7cc99a5e50123c45478f2993196a674e 49224 golang-1.15_1.15.9-5.debian.tar.xz 786a36e557dc2017852f1e60cea4e26b24459579e2c922fde1bf45111d0753ef 6068 golang-1.15_1.15.9-5_amd64.buildinfo Files: 7f7939330e30a6494174a201f2bc7411 2028 devel optional golang-1.15_1.15.9-5.dsc 2863a43a43cb7e33938b503a35869f79 49224 devel optional golang-1.15_1.15.9-5.debian.tar.xz 388ede68ecdc74114d7a0feb7285806d 6068 devel optional golang-1.15_1.15.9-5_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iIYEARYIAC4WIQSRhdT1d2eu7mxV1B5/RPol6lUUywUCYLtkTxAcemhzakBkZWJp YW4ub3JnAAoJEH9E+iXqVRTLJoYA/iuCVchCYOo6slJE3JZeCQ9p5tccjeJh03Rg Drrg0JvfAQDL+kspdkHemukt1GvrlutDnTqyaUdMhopVYUD/HkxADw== =bLK8 -----END PGP SIGNATURE-----