golang-github-gorilla-schema - Debian Package Tracker

general

source: golang-github-gorilla-schema (main)
version: 1.4.1-1
maintainer: Debian Go Packaging Team (DMD)
uploaders: Reinhard Tartler [DMD]
arch: all
std-ver: 4.6.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 1.2.0-2
stable: 1.4.1-1
testing: 1.4.1-1
unstable: 1.4.1-1

versioned links

1.2.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

golang-github-gorilla-schema-dev

action needed

Fails to build during reproducibility testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2026-05-03 Last update: 2026-05-06 06:33

9 new commits since last upload, is it time to release? normal

vcswatch reports that this package seems to have new commits in its VCS but has not yet updated debian/changelog. You should consider updating the Debian changelog and uploading this new version into the archive.

Here are the relevant commit logs:

commit 608198feb0d54f2642e4d933b7721b28ffdafafb
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Sun Apr 27 09:40:05 2025 -0400

    debian/changelog: update

commit d3b762f0214ee424ff9b58d56a381c0697a09645
Merge: 19d5c7c 4bb0220
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Sun Apr 27 09:39:20 2025 -0400

    Update upstream source from tag 'upstream/1.4.1'
    
    Update to upstream version '1.4.1'
    with Debian dir 5ace2c18a422432a1521e6be09ec827748dacc3a

commit 4bb0220d1d16d85ff1ddacb50fa596b096ab4cdb
Merge: 22f39e3 cd59f2f
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Sun Apr 27 09:39:20 2025 -0400

    New upstream version 1.4.1

commit 19d5c7cbd916fb3f4fbff7abe04c6a2daa3498bf
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Mon Nov 28 07:32:59 2022 -0500

    debian/changelog: update

commit a46706753dd304328fdcf4680aa02f757b9908d4
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Mon Nov 28 07:33:52 2022 -0500

    Bump standards version

commit 86a618a0a25ba3a904a5aa5758d6802f55cc97f2
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Thu May 19 08:18:12 2022 -0400

    add itp

commit 083de05db5dc0cedbc8388db6e230c13c8a61f65
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Thu May 19 08:05:08 2022 -0400

    initial packaging

commit 22f39e3c2acec8b0f048729eb889412e930e4df8
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Thu May 19 08:01:17 2022 -0400

    New upstream version 1.2.0

commit 7d6eff9f0fe0480ada57308e42225547957ce653
Author: Reinhard Tartler <siretart@tauware.de>
Date:   Thu May 19 08:01:17 2022 -0400

    Ignore _build and quilt .pc dirs via .gitignore

Created: 2022-05-29 Last update: 2026-05-03 21:35

1 low-priority security issue in bookworm low

There is 1 open security issue in bookworm.

1 issue left for the package maintainer to handle:

CVE-2024-37298: (needs triaging) gorilla/schema converts structs to and from form values. Prior to version 1.4.1 Running `schema.Decoder.Decode()` on a struct that has a field of type `[]struct{...}` opens it up to malicious attacks regarding memory allocations, taking advantage of the sparse slice functionality. Any use of `schema.Decoder.Decode()` on a struct with arrays of other structs could be vulnerable to this memory exhaustion vulnerability. Version 1.4.1 contains a patch for the issue.

You can find information about how to handle this issue in the security team's documentation.

Created: 2024-07-03 Last update: 2026-04-28 19:02

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.7.4 instead of 4.6.1).

Created: 2022-12-17 Last update: 2026-03-31 15:01

news

[rss feed]

[2025-05-08] golang-github-gorilla-schema 1.4.1-1 MIGRATED to testing (Debian testing watch)
[2025-04-27] Accepted golang-github-gorilla-schema 1.4.1-1 (source) into unstable (Reinhard Tartler)
[2022-11-30] golang-github-gorilla-schema 1.2.0-2 MIGRATED to testing (Debian testing watch)
[2022-11-28] Accepted golang-github-gorilla-schema 1.2.0-2 (source) into unstable (Reinhard Tartler)
[2022-05-29] Accepted golang-github-gorilla-schema 1.2.0-1 (all source) into unstable, unstable (Debian FTP Masters) (signed by: Reinhard Tartler)

bugs [bug history graph]

all: 0

links

homepage
lintian
buildd: logs, reproducibility
popcon
browse source code
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.4.1-1