-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 12 Nov 2023 19:19:47 -0700 Source: golang-1.19 Architecture: source Version: 1.19.13-1~bpo11+1 Distribution: bullseye-backports-sloppy Urgency: medium Maintainer: Debian Go Compiler Team <team+go-compiler@tracker.debian.org> Changed-By: Anthony Fok <foka@debian.org> Changes: golang-1.19 (1.19.13-1~bpo11+1) bullseye-backports-sloppy; urgency=medium . * Rebuild for bullseye-backports-sloppy. . golang-1.19 (1.19.13-1) unstable; urgency=medium . * Team upload * New upstream version 1.19.13 + Improve backward compatibility for fixes of CVE-2023-29409 and CVE-2023-29406. . golang-1.19 (1.19.12-2~bpo11+1) bullseye-backports-sloppy; urgency=medium . * Rebuild for bullseye-backports-sloppy. . golang-1.19 (1.19.12-2) unstable; urgency=medium . * Team upload * Backport patch to fix link tests on riscv64 . golang-1.19 (1.19.12-1) unstable; urgency=medium . * Team upload * New upstream version 1.19.12 + CVE-2023-29409: crypto/tls: restrict RSA keys in certificates to <= 8192 bits . golang-1.19 (1.19.11-1) unstable; urgency=medium . * Team upload * New upstream version 1.19.11 + CVE-2023-29406: net/http: insufficient sanitization of Host header * Add autopkgtest . golang-1.19 (1.19.10-2) unstable; urgency=medium . * Team upload * Upload to unstable . golang-1.19 (1.19.10-1) experimental; urgency=medium . * Team upload * New upstream version 1.19.10 + CVE-2023-29402: cmd/go: cgo code injection + CVE-2023-29403: runtime: unexpected behavior of setuid/setgid binaries + CVE-2023-29404/CVE-2023-29405: cmd/go: improper sanitization of LDFLAGS . golang-1.19 (1.19.9-1) experimental; urgency=medium . * Team upload * New upstream version 1.19.9 + CVE-2023-24539: html/template: improper sanitization of CSS values + CVE-2023-24540: html/template: improper handling of JavaScript whitespace + CVE-2023-29400: html/template: improper handling of empty HTML attributes Checksums-Sha1: 29744d0235e8f6820b3803305e0209b73c6bb793 2962 golang-1.19_1.19.13-1~bpo11+1.dsc 877fbdbf4bb48d364444d832384967e5c7ca5f73 43472 golang-1.19_1.19.13-1~bpo11+1.debian.tar.xz 1a3b49601c87531e3cdc8a2b09b212ba8883175f 7262 golang-1.19_1.19.13-1~bpo11+1_amd64.buildinfo Checksums-Sha256: 57c7813333eb49119bdcd117aa1c6aec860184815f81420dd0753d4f9e987450 2962 golang-1.19_1.19.13-1~bpo11+1.dsc 1f9e75a0a3ed8f7288ce9882cc099e46a573e3c0cf1f8163be5b4639aa768d5f 43472 golang-1.19_1.19.13-1~bpo11+1.debian.tar.xz 597887915713f249336fe9b495d5458ef42f6fb8afc3263d9b2d854390553f01 7262 golang-1.19_1.19.13-1~bpo11+1_amd64.buildinfo Files: e36bf09fc2420e594622fe910d251093 2962 golang optional golang-1.19_1.19.13-1~bpo11+1.dsc 8b4a99e25782194d2ca6a4f8844ffb86 43472 golang optional golang-1.19_1.19.13-1~bpo11+1.debian.tar.xz 827d6d4f86610d592789a8f7360f033d 7262 golang optional golang-1.19_1.19.13-1~bpo11+1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQJEBAEBCAAuFiEEFCQhsZrUqVmW+VBy6iUAtBLFms8FAmVRkhwQHGZva2FAZGVi aWFuLm9yZwAKCRDqJQC0EsWaz2iUEACwf9jD2nYWZyVN4ahENxN3650H7iQES2Ng 8tut+DpAIOlM3+VsgBrg+oFBdvKouLabKF8M4EFrQ8uO+GXyO6HtSg8VbBq8yFGE rDfvmXSseA5xprtjqIf0lgsDbiujHFGJuPqL7NYJ9vMe/gN6XUZtFNgoh2vNTlC5 jsFV4JPqPtxbfK0rj4HLhZUQd6hq4AIPJz6IgtidhF//RLwJy/Yw16WbtX2mmeVq +5po90Pwz87YkVSPnCPVVJ53dp9yqWSctZgsB+bU4fjOmulElgJh8q47djJ0Qenm xoOZDRQaQCSeL0n9TUs/E2unmvxzSK1z7ncqJ9UxOWfcwUZ6KjPcZjsnKnyBDOz2 MJzwL6KpUjSmeOOjx1hKvwdwmcBFAxj8kQmmsDj7/bvJ3beL87cOdka4pSEc6x0I BH/npsGKYuEeDphWfc2CDcfAvPssrA+VKyPOnp8LBiFGpwoP7dFwIKogoLObZms9 3KAFn9FRDlpp+tJT4gnUvvEdOfsEbiA3owDP9V7Z1TT53nAHI7BfABQfd7HnWqfd +srNMKZWnOqhZEFwPF69JP7C+byyqcjtkisCFQRwdCoOHlpBK0nZmmUlD8ojR7cF cMS+3wweo6qvhMvrSyFPA9qYsTyZ9JRgj7DjiUYAIUJZo6O0whj6EJUnhbrs69kD 6vhQq6+PBQ== =QiF8 -----END PGP SIGNATURE-----