-
golang-go.crypto (1:0.23.0-1) unstable; urgency=medium
* New upstream version 0.23.0
* Bump versioned dependencies as per go.mod
* Update local copy of golang.org/x/net/idna from v0.10.0 to v0.21.0
-- Anthony Fok <email address hidden> Mon, 20 May 2024 18:46:25 -0600
-
golang-go.crypto (1:0.22.0-1) unstable; urgency=medium
* New upstream version 0.22.0
* Bump versioned dependencies as per go.mod
* Bump Standards-Version to 4.7.0 (no change)
-- Anthony Fok <email address hidden> Fri, 26 Apr 2024 03:11:29 -0600
-
golang-go.crypto (1:0.21.0-1) unstable; urgency=medium
* New upstream version 0.21.0
* Bump versioned dependencies as per go.mod
-- Anthony Fok <email address hidden> Sun, 24 Mar 2024 17:54:46 -0600
-
golang-go.crypto (1:0.19.0-1) unstable; urgency=medium
* New upstream version 0.19.0
* Bump versioned dependencies as per go.mod
-- Anthony Fok <email address hidden> Fri, 23 Feb 2024 19:29:57 -0700
-
golang-go.crypto (1:0.18.0-1) unstable; urgency=medium
* New upstream version 0.18.0
* Bump versioned dependencies as per go.mod
-- Anthony Fok <email address hidden> Mon, 29 Jan 2024 14:46:20 -0700
-
golang-go.crypto (1:0.17.0-1) unstable; urgency=medium
* New upstream version 0.17.0
* CVE-2023-48795
ssh: implement strict KEX protocol changes
Implement the "strict KEX" protocol changes, as described in section
1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1).
(Closes: #1059003)
-- Anthony Fok <email address hidden> Sun, 07 Jan 2024 08:25:22 -0700
-
golang-go.crypto (1:0.16.0-1) unstable; urgency=medium
* New upstream version 0.16.0
* Bump versioned dependencies as per go.mod
-- Anthony Fok <email address hidden> Thu, 07 Dec 2023 01:53:53 -0700
-
golang-go.crypto (1:0.14.0-1) unstable; urgency=medium
* New upstream version 0.14.0
* Bump versioned dependencies as per go.mod
-- Anthony Fok <email address hidden> Wed, 01 Nov 2023 02:00:40 -0600
-
golang-go.crypto (1:0.13.0-1) unstable; urgency=medium
* New upstream version 0.13.0
* Bump versioned dependencies as per go.mod
-- Anthony Fok <email address hidden> Thu, 12 Oct 2023 01:27:41 -0600
-
golang-go.crypto (1:0.12.0-1) unstable; urgency=medium
* New upstream version 0.12.0
* Bump versioned dependencies as per go.mod
* Refresh Debian patches
-- Anthony Fok <email address hidden> Mon, 09 Oct 2023 18:04:57 -0600
-
golang-go.crypto (1:0.10.0-1) unstable; urgency=medium
* New upstream version 0.10.0
* Add debian/update-vendored-golang-x-net-idna.sh script
to facilitate the download of golang.org/x/net/idna for vendoring
to avoid circular dependency with golang-golang-x-net-dev;
see debian/README.source for details.
* debian/rules: Add execute_after_dh_auto_configure target
to copy golang.org/x/net into vendor directory during build time
* Commit our local copy of golang.org/x/net/idna v0.10.0
downloaded with debian/update-vendored-golang-x-net-idna.sh
* Bump versioned dependencies as per go.mod,
removing dependency on golang-golang-x-net-dev, but
adding dependency on golang-golang-x-text-dev
which is needed by our vendored copy of golang.org/x/net/idna.
-- Anthony Fok <email address hidden> Thu, 21 Sep 2023 04:55:01 -0600
-
golang-go.crypto (1:0.4.0-1) unstable; urgency=medium
* Team upload
* New upstream version 0.4.0
* Update Standards-Version to 4.6.2 (no changes)
-- Shengjing Zhu <email address hidden> Mon, 02 Jan 2023 23:01:47 +0800
-
golang-go.crypto (1:0.1.0-1) unstable; urgency=medium
* Team upload
[ Anthony Fok ]
* Build-depend explicitly on golang-any (>= 2:1.17~) as per go.mod
to facilitate backports.
* Remove unneeded dependency on ${shlibs:Depends}
[ Shengjing Zhu ]
* Switch to upstream tag version in uscan
* New upstream version 0.1.0
-- Shengjing Zhu <email address hidden> Wed, 26 Oct 2022 16:03:49 +0800
-
golang-go.crypto (1:0.0~git20220829.c86fa9a-1) unstable; urgency=medium
* New upstream version 0.0~git20220829.c86fa9a
* Bump dependency: golang-golang-x-net-dev (>= 1:0.0+git20211112.69e39ba)
* Reorder fields in debian/control and debian/copyright
* Use dh-sequence-golang instead of dh-golang and --with=golang
* debian/rules: Invoke dh with --builddirectory=_build
* Bump Standards-Version to 4.6.1 (no change)
* debian/golang-golang-x-crypto-dev.docs: Remove AUTHORS and CONTRIBUTORS
which were deleted upstream; see https://github.com/golang/go/issues/53961
-- Anthony Fok <email address hidden> Mon, 05 Sep 2022 06:00:18 -0600
-
golang-go.crypto (1:0.0~git20220315.3147a52-1) unstable; urgency=medium
* Team upload.
[ Debian Janitor ]
* Remove constraints unnecessary since buster
* Build-Depends: Drop versioned constraint on golang-any.
[ Shengjing Zhu ]
* New upstream version 0.0~git20211202.5770296
* CVE-2022-27191
Potential crash in a golang.org/x/crypto/ssh server when using custom
Signer.
-- Shengjing Zhu <email address hidden> Thu, 17 Mar 2022 01:21:05 +0800
-
golang-go.crypto (1:0.0~git20211202.5770296-1) unstable; urgency=medium
* Team upload.
* New upstream version 0.0~git20211202.5770296
+ CVE-2021-43565
x/crypto/ssh: empty plaintext packet causes panic
* Add Multi-Arch hint
* Fix upstream-metadata-field-unknown Homepage
-- Shengjing Zhu <email address hidden> Sat, 04 Dec 2021 02:01:12 +0800
-
golang-go.crypto (1:0.0~git20210817.32db794-1) unstable; urgency=medium
* New upstream version 0.0~git20210817.32db794
* Update versioned dependencies according to go.mod
* Change Section from devel to golang
* Bump Standards-Version to 4.6.0 (no change)
-- Anthony Fok <email address hidden> Fri, 20 Aug 2021 21:56:25 -0600
-
golang-go.crypto (1:0.0~git20201221.eec23a3-1) unstable; urgency=medium
* New upstream version 0.0~git20201221.eec23a3
* Update versioned dependencies according to go.mod
including new dependency on golang-golang-x-term-dev
* Bump debhelper dependency to "Build-Depends: debhelper-compat (= 13)"
* Bump Standards-Version to 4.5.1 (no change)
-- Anthony Fok <email address hidden> Wed, 30 Dec 2020 22:07:06 -0700
-
golang-go.crypto (1:0.0~git20201016.9e8e0b3-1) unstable; urgency=medium
* Upload to unstable.
-- Roger Shimizu <email address hidden> Fri, 13 Nov 2020 03:39:51 +0900
-
golang-go.crypto (1:0.0~git20200604.70a84ac-2) unstable; urgency=medium
* Team upload.
* d/patches: Add patch to skip test fails on reproducible builds.
* d/upstream/metadata: Update URL for issues.
-- Roger Shimizu <email address hidden> Wed, 08 Jul 2020 01:10:18 +0900
-
golang-go.crypto (1:0.0~git20200604.70a84ac-1) unstable; urgency=medium
* Team upload.
* New upstream version 0.0~git20200604.70a84ac
-- Roger Shimizu <email address hidden> Tue, 09 Jun 2020 01:33:42 +0900
-
golang-go.crypto (1:0.0~git20200429.4b2356b-1) unstable; urgency=medium
* Team upload.
* New upstream version 0.0~git20200429.4b2356b
* debian/control: Set Rules-Requires-Root to no
* Add debian/upstream/metadata
-- Roger Shimizu <email address hidden> Tue, 05 May 2020 15:13:45 +0900
-
golang-go.crypto (1:0.0~git20200221.2aa609c-1) unstable; urgency=high
* New upstream version 0.0~git20200221.2aa609c
- ssh: return an error for malformed ed25519 public keys
rather than panic (v0.0.0-20200220183623-bac4c82f6975).
Fixes CVE-2020-9283 (Closes: #952462)
* Previously uploaded upstream version 0.0~git20190701.4def268 contains:
- salsa20/salsa: fix keystream loop in amd64 assembly when overflowing
32-bit counter (commit b7391e9, 2019-03-20). Fixes CVE-2019-11840
- openpgp/clearsign: reject potentially misleading headers and messages
(commit c05e17b, 2019-04-24). Fixes CVE-2019-11841
* debian/gbp.conf: Set debian-branch to debian/sid for DEP-14 conformance
* Bump Standards-Version to 4.5.0 (no change)
* debian/copyright: Add Upstream-Contact
* Remove d/patches/0001-ssh-test-delete-TestInvalidTerminalMode.patch
which has been applied upstream as commit 9756ffd
* Build-Depends on dh-golang (>= 1.48~) to prevent
"no non-test Go files" error in internal/wycheproof during build
* Add d/patches/0001-skip-wycheproof_test.patch to skip test
that access the Internet with "go mod download -json"
* Override dh_auto_install with --no-binaries
to prevent /usr/bin/acmeprobe from being built
-- Anthony Fok <email address hidden> Wed, 26 Feb 2020 13:36:38 -0700
-
golang-go.crypto (1:0.0~git20190701.4def268-2) unstable; urgency=medium
* Team upload.
* d/patches/0001-ssh-test-delete-TestInvalidTerminalMode.patch: remove test that fails with new openssh.
* Add openssh-server to Build-Depends to run more tests at build time.
* Add myself to Uploaders
-- Michael Hudson-Doyle <email address hidden> Thu, 29 Aug 2019 11:16:07 +1200
-
golang-go.crypto (1:0.0~git20190701.4def268-1) unstable; urgency=medium
* New upstream version 0.0~git20190701.4def268
* Remove Lintian override debian-watch-file-is-missing
because we now have a debian/watch file.
* Apply "cme fix dpkg" fixes
- Specify compatibility level with "Build-Depends: debhelper-compat (= 12)"
- Bump Standards-Version to 4.4.0 (no change)
* Update versioned dependencies according to go.mod
-- Anthony Fok <email address hidden> Sun, 28 Jul 2019 01:50:27 -0600
-
golang-go.crypto (1:0.0~git20181203.505ab14-1) unstable; urgency=medium
* New upstream version 0.0~git20181203.505ab14
* Add debian/watch (direct access to the git repository)
* Update Maintainer email address to <email address hidden>
* Bump Standards-Version to 4.3.0 (no change)
-- Anthony Fok <email address hidden> Tue, 01 Jan 2019 00:21:15 -0700
-
golang-go.crypto (1:0.0~git20180614.a8fb68e-1) unstable; urgency=medium
* Team upload.
* New upstream version.
-- Alexandre Viau <email address hidden> Sat, 16 Jun 2018 19:28:53 -0400
-
golang-go.crypto (1:0.0~git20180613.37a17fe-1) unstable; urgency=medium
* Team upload.
* New upstream version 0.0~git20180613.37a17fe. (Closes: #901503)
-- Dr. Tobias Quathamer <email address hidden> Thu, 14 Jun 2018 14:33:54 +0200
-
golang-go.crypto (1:0.0~git20180513.94e3fad-2) unstable; urgency=medium
* Build-Depend on golang-golang-x-sys-dev (>= 0.0~git20180510.7dfd129)
because x/crypto now needs x/sys/cpu introduced on 2018-04-13.
-- Anthony Fok <email address hidden> Thu, 17 May 2018 09:20:32 -0600
-
golang-go.crypto (1:0.0~git20180513.94e3fad-1) unstable; urgency=medium
[ Alexandre Viau ]
* Point Vcs-* urls to salsa.debian.org.
[ Anthony Fok ]
* New upstream version 0.0~git20180513.94e3fad
* Apply "cme fix dpkg" fixes to debian/control,
bumping Standard-Version to 4.1.4, etc.
* Build-Depend on golang-any (>= 2:1.9~)
because x/crypto now needs math/bits introduced in go1.9.
-- Anthony Fok <email address hidden> Mon, 14 May 2018 01:11:28 -0600
-
golang-go.crypto (1:0.0~git20180322.88942b9-1) unstable; urgency=medium
[ Michael Lustfield ]
* Team upload.
* Remove Michael Lustfield (self) from Uploaders list.
[ Dr. Tobias Quathamer ]
* New upstream version 0.0~git20180322.88942b9. (Closes: #894459)
- Add new dependency golang-golang-x-sys-dev
- Update docs installation after upstream renaming
* Use debhelper v11
* Update to Standards-Version 4.1.3
- Use Priority: optional
* Remove obsolete DH_GOPKG
* Remove obsolete DH_GOLANG_INSTALL_ALL
* Remove obsolete override_dh_auto_configure
* Use wrap-and-sort
* Remove transitional package golang-go.crypto-dev
* Remove version constraints for dh-golang and golang-any.
Those versions are available in stable and oldstable-bpo.
* Remove unneeded file d/golang-golang-x-crypto-dev.install
* Remove unneeded file d/golang-golang-x-crypto-dev.lintian-overrides
* Update d/copyright
-- Dr. Tobias Quathamer <email address hidden> Fri, 30 Mar 2018 22:37:34 +0200
-
golang-go.crypto (1:0.0~git20170629.0.5ef0053-2) unstable; urgency=medium
* Team upload.
* Removed inactive user(s) from Uploaders list. (Closes: #836487)
-- Michael Lustfield <email address hidden> Mon, 24 Jul 2017 23:57:17 -0500
-
golang-go.crypto (1:0.0~git20170629.0.5ef0053-1) unstable; urgency=medium
* New upstream snapshot.
* Delete previously cherry-picked security patch:
The security fix 0001-ssh-require-host-key-checking_CVE-2017-3204.patch
is already in the new upstream snapshot.
* Bump Standards-Version to 4.0.0:
Use https form of the copyright-format URL in debian/copyright.
-- Anthony Fok <email address hidden> Fri, 30 Jun 2017 09:10:48 -0600
-
golang-go.crypto (1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1) unstable; urgency=medium
* Reverts previous upload to permit freeze exception.
* patches/0001-ssh-require-host-key-checking_CVE-2017-3204.patch:
+ CVE-2017-3204: Default behavior changed to require explicitly
registering a hostkey verification mechanism. (Closes: #859655)
-- Michael Lustfield <email address hidden> Wed, 26 Apr 2017 02:42:23 -0500
-
golang-go.crypto (1:0.0~git20170407.0.55a552f-1) unstable; urgency=medium
* Team upload.
* New upstream version.
-- Michael Lustfield <email address hidden> Sat, 08 Apr 2017 04:13:53 -0500
-
golang-go.crypto (1:0.0~git20161012.0.5f31782-1) unstable; urgency=medium
* New upstream version.
* debian/rules: Ignore .gitignore rather than the obsolete .hgignore file.
-- Anthony Fok <email address hidden> Sat, 15 Oct 2016 05:22:05 -0600
-
golang-go.crypto (1:0.0~git20160824.0.351dc6a-1) unstable; urgency=medium
* New upstream version.
* Add myself to Uploaders.
-- Anthony Fok <email address hidden> Sun, 28 Aug 2016 06:02:43 -0600
-
golang-go.crypto (1:0.0~git20160607.0.77f4136-1) unstable; urgency=medium
[ MartÃn Ferrari ]
* Team upload.
* Require dh-golang 1.10, for XS-Go-Import-Path.
* Require golang-go 1.4.2.
[ Anthony Fok ]
* New upstream snapshot.
* Add golang-golang-x-net-dev to Build-Depends and Depends
for the recently added acme/internal/acme/acme.go
* Change Build-Depends on golang-go to golang-any.
* Update Vcs-Git to use https URL.
* Bump Standards-Version to 3.9.8 (no change).
-- Anthony Fok <email address hidden> Wed, 08 Jun 2016 04:07:39 -0600
-
golang-go.crypto (1:0.0~git20151201.0.7b85b09-2) unstable; urgency=medium
[ Tianon Gravi ]
* Team upload.
[ Riku Voipio ]
* Fix the new package name to not overwrite go.net's binary package.
-- Tianon Gravi <email address hidden> Thu, 03 Dec 2015 15:00:04 -0800
-
golang-go.crypto (1:0.0~git20151201.0.7b85b09-1) unstable; urgency=medium
* Team upload.
* New upstream snapshot; 7b85b09 from 2015-12-01 (Closes: #786869).
* Rename binary package to "golang-golang-x-net-dev" to reflect pkg-go policy
and add "golang-go.crypto-dev" as a transitional package with appropriate
relations.
* Update Homepage and Vcs-Browser to use https versions.
-- Tianon Gravi <email address hidden> Tue, 01 Dec 2015 00:34:50 -0800
-
golang-go.crypto (1:0.0~git20150608-1) unstable; urgency=medium
* New upstream release, package was renamed to golang.org/x/crypto
* Use an epoch in the version number since upstream switched from hg to git,
and 0.0~git20150608 is interpreted as older than hg190 by Debian tools.
* Fix Maintainer/Uploaders to reflect that the package is team-maintained
* Bump Standards-Version (no changes necessary)
-- Michael Stapelberg <email address hidden> Mon, 22 Jun 2015 09:28:14 +0200
-
golang-go.crypto (0.0~hg190-1) unstable; urgency=low
* Initial release. Closes: #740791
-- Tonnerre Lombard <email address hidden> Wed, 05 Mar 2014 01:01:44 +0100
