Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted gokey 0.2.0-1 (source) into unstable
Date: Fri, 23 Jan 2026 03:48:41 +0000
Signed by: Samuel Henrique <samueloph@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Tue, 13 Jan 2026 23:50:52 -0300
Source: gokey
Architecture: source
Version: 0.2.0-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
Changed-By: Matheus Polkorny <mpolkorny@gmail.com>
Closes: 1121846
Changes:
 gokey (0.2.0-1) unstable; urgency=medium
 .
   * Team upload
   * New upstream version 0.2.0
     - Fix CVE-2025-13353 (A flaw in the seed decryption logic
       resulted in passwords incorrectly being derived solely
       from the initial vector and the AES-GCM authentication
       tag of the key seed) (Closes: #1121846)
   * d/gokey.NEWS: Add file regarding CVE-2025-13353
   * d/p/0001-Import-deterministic.patch: Remove patch applied
Checksums-Sha1:
 d165cce1279e751e5d3d4af4612f3810ac97ba2f 2205 gokey_0.2.0-1.dsc
 00bd103f11cc7c7774b264ed4ee8e13fed7ff1b2 18804 gokey_0.2.0.orig.tar.xz
 27034d57ec4681cd748541775764b3e7519f2648 4992 gokey_0.2.0-1.debian.tar.xz
 95ab671611b3405da6b2cf68055bc1c5ba6cf412 6812 gokey_0.2.0-1_amd64.buildinfo
Checksums-Sha256:
 e548962782205e4b4faca897902dc8f5a614c907db961d06f8b894de0547a1b4 2205 gokey_0.2.0-1.dsc
 8868c1a4b1c360729b886a62f86fa8d0fa3be11a405413a2c023141ad9751b58 18804 gokey_0.2.0.orig.tar.xz
 9524b933359ee1653174045a2937ad146304624edc4f160c5d44536296950b40 4992 gokey_0.2.0-1.debian.tar.xz
 e7a648f2388d364e3a4028a54b9f9778f2d5ea285038b3b4a4b0370074a37102 6812 gokey_0.2.0-1_amd64.buildinfo
Files:
 969499313bbaa505987d4cfa96198cd1 2205 utils optional gokey_0.2.0-1.dsc
 7625d6dd1e42e8b6c1ff08448053ead0 18804 utils optional gokey_0.2.0.orig.tar.xz
 7945739392efd15807e48a0d56bac276 4992 utils optional gokey_0.2.0-1.debian.tar.xz
 03bb616800985efe10459a54709eb44b 6812 utils optional gokey_0.2.0-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEBdtqg34QX0sdAsVfu6n6rcz7RwcFAmly68YACgkQu6n6rcz7
RweeJxAAh6HYLRIYN9Ob3mLTdun3Ovz8zfY15qk0N4yFAtsaec5gCVs9AkGaDFxS
II5lcWUayaAJ106qLBaMzVFpdyuFKWOLOc6czcVBoGGQ8LF2fDfu8x4dTKqLfSKK
hrr1UBQVxQuc10vQpPQQgcitUwJovCE1YWKOws/X1dlzPw7Gn+8Eq7zGag2TKbGB
W2R0LRr0ShWpxxnbmT4WzgQA8ELBAtV9bi+vDa8cY0d0z5UF/hJ6U0ko9FICakvn
82WwdBYvMDPpkdtdrJUXVClC/bPQkhRA3fPiR57wvQBXEyWvWPz2uaam6BYXMQ3t
/onpwIPkVF9c1fzpNeywvKj9yF6E9kkqg1opVs04h27cHRAdxCAyTSUA2RDUOOD4
KaRaHN/67QEWLi/+QF8NR7V76Ra5xlDt1schZdg1kjEVnFcO9E7oOhLnDd2rrBaP
9SIeEGpK9DLf+GhClkDfqOts6iaat7i4e0ZF+j32wjBiL5u7D8+habgcV9/WtDkL
VI8UXWTQH5wyp07qVQimtiCLiaokZhimhME03DAsdYcYKy0Cu2zdvu6mX6mXieQL
SPDpBuhEBmE/9mAMDZDsdvGZH47ubh4jIZw+nNh180xaVA0ozXYJnyspPR6ycDDg
60dFEY5N68FhiLnatC4b3hipaoais9YJG/tnTaQ/iz43eSu06Eg=
=iWwS
-----END PGP SIGNATURE-----

News for package gokey