-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 28 Apr 2025 11:48:38 +0200 Source: golang-github-gorilla-csrf Architecture: source Version: 1.7.2+ds1-2 Distribution: unstable Urgency: high Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org> Changed-By: Andrej Shadura <andrewsh@debian.org> Closes: 1103584 Changes: golang-github-gorilla-csrf (1.7.2+ds1-2) unstable; urgency=high . * Team upload. * SECURITY UPDATE: - CVE-2025-24358 / GHSA-rq77-p4h8-4crw: Fix CSRF via form submission from origins that share a top level domain with the target origin (Closes: #1103584). Checksums-Sha1: 3d2dc6c23214656237ebf265eac7c5d906265456 1834 golang-github-gorilla-csrf_1.7.2+ds1-2.dsc 0cb81ad76a15745f6b4e5bb721e2db7febaa6eec 8896 golang-github-gorilla-csrf_1.7.2+ds1-2.debian.tar.xz Checksums-Sha256: 345727ccd8f84b0bfd573740676fae752a2f0e84d8b0f5a958c0630db949f973 1834 golang-github-gorilla-csrf_1.7.2+ds1-2.dsc fdeef1dc8b42d47cc7854b9f887c78529a1ab5240564f549e9b793259ac2ee4f 8896 golang-github-gorilla-csrf_1.7.2+ds1-2.debian.tar.xz Files: 566b2e3595049115930557ec84633b22 1834 golang optional golang-github-gorilla-csrf_1.7.2+ds1-2.dsc 9df28b9c66067d76873cac0933b6d7fd 8896 golang optional golang-github-gorilla-csrf_1.7.2+ds1-2.debian.tar.xz -----BEGIN PGP SIGNATURE----- iHUEARYKAB0WIQSD3NF/RLIsyDZW7aHoRGtKyMdyYQUCaA9PdQAKCRDoRGtKyMdy YV4xAQDmGps7uyr2ldaJvQ8rZLtQlKbGAL7wEvjZGAKPc2uaNwEA/J4s2YwKd0TN ES7Y2Sf0BMJd5X3N1z0IKTYL8RR3oQ8= =9Kt/ -----END PGP SIGNATURE-----
