Debian Package Tracker - golang-x-text

general

source: golang-x-text (main)
version: 0.3.0-2
maintainer: Debian Go packaging team (DMD)
uploaders: Martín Ferrari [DMD] – Anthony Fok [DMD]
arch: all
std-ver: 4.2.1
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 0.0~git20161013.0.c745997-2
old-bpo: 0.3.0-1~bpo9+1
stable: 0.3.0-2

versioned links

0.0~git20161013.0.c745997-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.3.0-1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
0.3.0-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

golang-golang-x-text-dev
golang-x-text-dev

package is gone

This package is not in any development repository. This probably means that the package has been removed (or has been renamed). Thus the information here is of little interest ... the package is going to disappear unless someone takes it over and reintroduces it.

action needed

Debci reports failed tests high

unstable: pass (log)
The tests ran in 0:02:21
Last run: 2020-04-07 06:10:52 UTC
Previous status: pass

testing: fail (log)
The tests ran in 0:00:28
Last run: 2021-01-19 17:30:51 UTC
Previous status: fail

Created: 2020-10-31 Last update: 2021-01-24 23:32

A new upstream version is available: 0.3.5 high

A new upstream version 0.3.5 is available, you should consider packaging it.

Created: 2020-06-29 Last update: 2021-01-24 20:33

Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

changelog package golang-golang-x-text does not match source golang-x-text

Created: 2019-11-20 Last update: 2021-01-21 08:35

3 security issues in stretch high

There are 3 open security issues in stretch.

2 important issues:

CVE-2020-28851: In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
CVE-2020-28852: In x/text in Go 1.15.4, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)

1 issue skipped by the security teams:

CVE-2020-14040: The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

Please fix them.

Created: 2020-07-04 Last update: 2021-01-12 22:04

3 security issues in buster high

There are 3 open security issues in buster.

2 important issues:

CVE-2020-28851: In x/text in Go 1.15.4, an "index out of range" panic occurs in language.ParseAcceptLanguage while parsing the -u- extension. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)
CVE-2020-28852: In x/text in Go 1.15.4, a "slice bounds out of range" panic occurs in language.ParseAcceptLanguage while processing a BCP 47 tag. (x/text/language is supposed to be able to parse an HTTP Accept-Language header.)

1 issue skipped by the security teams:

CVE-2020-14040: The x/text package before 0.3.3 for Go has a vulnerability in encoding/unicode that could lead to the UTF-16 decoder entering an infinite loop, causing the program to crash or run out of memory. An attacker could provide a single byte to a UTF16 decoder instantiated with UseBOM or ExpectBOM to trigger an infinite loop if the String function on the Decoder is called, or the Decoder is passed to golang.org/x/text/transform.String.

Please fix them.

Created: 2020-07-04 Last update: 2021-01-12 22:04

news

[rss feed]

[2020-08-22] Removed 0.3.2-1 from unstable (Debian FTP Masters)
[2020-08-19] golang-x-text REMOVED from testing (Debian testing watch)
[2019-07-30] golang-x-text 0.3.2-1 MIGRATED to testing (Debian testing watch)
[2019-07-27] Accepted golang-x-text 0.3.2-1 (source) into unstable (Anthony Fok)
[2018-09-05] golang-x-text 0.3.0-2 MIGRATED to testing (Debian testing watch)
[2018-09-01] Accepted golang-x-text 0.3.0-2 (source) into unstable (Shengjing Zhu)
[2018-06-12] Accepted golang-x-text 0.3.0-1~bpo9+1 (source all) into stretch-backports (Anthony Fok)
[2018-05-15] Accepted golang-x-text 0.0~git20170627.0.6353ef0-1~bpo9+1 (source all) into stretch-backports, stretch-backports (Anthony Fok)
[2018-05-11] golang-x-text 0.3.0-1 MIGRATED to testing (Debian testing watch)
[2018-05-09] Accepted golang-x-text 0.3.0-1 (source all) into unstable (Anthony Fok)
[2017-07-04] golang-x-text 0.0~git20170627.0.6353ef0-1 MIGRATED to testing (Debian testing watch)
[2017-06-29] Accepted golang-x-text 0.0~git20170627.0.6353ef0-1 (source all) into unstable (Anthony Fok)
[2017-02-13] Accepted golang-x-text 0.0~git20161013.0.c745997-2~bpo8+1 (source all) into jessie-backports (Martín Ferrari)
[2016-11-26] golang-x-text 0.0~git20161013.0.c745997-2 MIGRATED to testing (Debian testing watch)
[2016-11-20] Accepted golang-x-text 0.0~git20161013.0.c745997-2 (source) into unstable (Martín Ferrari)
[2016-10-20] golang-x-text 0.0~git20161013.0.c745997-1 MIGRATED to testing (Debian testing watch)
[2016-10-14] Accepted golang-x-text 0.0~git20161013.0.c745997-1 (source all) into unstable (Anthony Fok)
[2016-09-03] golang-x-text 0.0~git20160816.0.d69c40b-1 MIGRATED to testing (Debian testing watch)
[2016-08-28] Accepted golang-x-text 0.0~git20160816.0.d69c40b-1 (source all) into unstable (Anthony Fok)
[2016-06-14] golang-x-text 0.0~git20160606.0.a4d77b4-1 MIGRATED to testing (Debian testing watch)
[2016-06-08] Accepted golang-x-text 0.0~git20160606.0.a4d77b4-1 (source all) into unstable (Anthony Fok)
[2016-05-29] Accepted golang-x-text 0.0~git20160420.0.3100578-2~bpo8+1 (source all) into jessie-backports, jessie-backports (Martín Ferrari)
[2016-05-07] golang-x-text 0.0~git20160420.0.3100578-2 MIGRATED to testing (Debian testing watch)
[2016-05-01] Accepted golang-x-text 0.0~git20160420.0.3100578-2 (source all) into unstable (Martín Ferrari)
[2016-04-29] Accepted golang-x-text 0.0~git20160420.0.3100578-1 (source all) into unstable, unstable (Anthony Fok)
[2016-02-12] golang-x-text 0+git20151217.cf49866-1 MIGRATED to testing (Debian testing watch)
[2016-02-06] Accepted golang-x-text 0+git20151217.cf49866-1 (source all) into unstable (Tim Potter) (signed by: Dmitry Smirnov)
[2015-06-14] golang-x-text 0+git20150518.c93e7c9-1 MIGRATED to testing (Britney)
[2015-06-08] Accepted golang-x-text 0+git20150518.c93e7c9-1 (source all) into unstable, unstable (Martín Ferrari)

bugs [bug history graph]

all: 0

links

homepage
buildd: logs, clang
popcon
browse source code
edit tags
other distros
security tracker
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 0.3.2-1