Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-backports-changes@lists.debian.org>
Subject: Accepted golang-1.21 1.21.8-1~bpo12+1 (source) into stable-backports
Date: Fri, 15 Mar 2024 08:53:18 +0000
Signed by: Anthony Fok <foka@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 15 Mar 2024 01:53:26 -0600
Source: golang-1.21
Architecture: source
Version: 1.21.8-1~bpo12+1
Distribution: bookworm-backports
Urgency: medium
Maintainer: Debian Go Compiler Team <team+go-compiler@tracker.debian.org>
Changed-By: Anthony Fok <foka@debian.org>
Changes:
 golang-1.21 (1.21.8-1~bpo12+1) bookworm-backports; urgency=medium
 .
   * Rebuild for bookworm-backports.
 .
 golang-1.21 (1.21.8-1) unstable; urgency=medium
 .
   * Team upload
   * New upstream version 1.21.8
     + CVE-2024-24783: crypto/x509: Verify panics on certificates with an
       unknown public key algorithm
     + CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm
     + CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of
       sensitive headers and cookies on HTTP redirect
     + CVE-2024-24785: html/template: errors returned from MarshalJSON methods
       may break template escaping
     + CVE-2024-24784: net/mail: comments in display names are incorrectly
       handled
   * Update upstream signing key
Checksums-Sha1:
 d2ded6e71bea648492b98d8338cc10e5495ac633 2955 golang-1.21_1.21.8-1~bpo12+1.dsc
 06033bf666a57b88582b1460c08e31eb703c7161 40896 golang-1.21_1.21.8-1~bpo12+1.debian.tar.xz
 e4f7537500be6b2e0feae967340b8b678eb2135f 7164 golang-1.21_1.21.8-1~bpo12+1_amd64.buildinfo
Checksums-Sha256:
 9bc364c696ccf0b17b8b1473445d9c5d18c30a9dbee9ef193015bfbad04809c4 2955 golang-1.21_1.21.8-1~bpo12+1.dsc
 883808f2bac80f963a1594e944be5387ab20fd34a0145db14fda15851fc29125 40896 golang-1.21_1.21.8-1~bpo12+1.debian.tar.xz
 88ebe68897bd3d0cabf4c66d9f4bbf707062c88a190711a243bcdd37ed12f817 7164 golang-1.21_1.21.8-1~bpo12+1_amd64.buildinfo
Files:
 7fc7463257a51ad81ce01deaa443da96 2955 golang optional golang-1.21_1.21.8-1~bpo12+1.dsc
 4edd60696bbb5c8b86b6e3466bc9fcad 40896 golang optional golang-1.21_1.21.8-1~bpo12+1.debian.tar.xz
 e1e292b575acce81aec9f5ff5bbf50e9 7164 golang optional golang-1.21_1.21.8-1~bpo12+1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQJEBAEBCAAuFiEEFCQhsZrUqVmW+VBy6iUAtBLFms8FAmX0Ba0QHGZva2FAZGVi
aWFuLm9yZwAKCRDqJQC0EsWaz63WEAChWEs7tssqCt7O5sZF0BJt95y5Q0CaPtsh
g5/aKIiDCXrOQF19z2tmPG4WruRgE1XCvZ315tRaLJ0zYS4rsfzYoz6jBNlD6qB+
wQFaqH/Dt33swJ+wJLzvK+swpGQsnCJePcQaebUsXyoPnkugSpDRPQMSVrYaAu+W
ljO5E4MC2czqykZvzcC4TW8Rb+dppCOuX6d2a36YFFldfeZUlROXc78pfgD1O24a
/LLJS5GKZV6puRIW6IlnXjcFPLbTwD7iLRpmIeIkqMVZjmuzfnAKqylQhsp0N2LZ
p/9TUUmEqJQxV9608zJgzgZU2RCniAA55JsCFoY1/Dh0Gl5qToxjkHHacc9M6Svf
/5uv4JKGCNGmavlDxamYDPAztLtKf5XcV3JTgnLyx91bX29Pi0NiGP0TbL0lUwiL
EehX2yqLclMp2Pr+MEW0NAgMkJ7fZJRSjwFbCKGifQcfCEk+gl9c1LAaAC36sDDV
LrLMT3sxYIq4RLYZx4kRr7qrxZeJYsESIP3O67+dCZMfRtF2uz5yJfRiho6A/N2v
vIwsitRhmsmUgNY/Yd1rqBkXUEz7ve24fpRzocFrDsVch0sm2B/NsfmO2zwvNYFq
1MwIdEFky0zG/pMBvRVNbMK4SmcvacVJGQD49lEky9KQ3dU194zHTOi6LgpHst4K
Kl3EKOD1Vg==
=s+zI
-----END PGP SIGNATURE-----

News for package golang-1.21