Change log for golang-1.19 package in Ubuntu
1 → 24 of 24 results | First • Previous • Next • Last |
Deleted in mantic-release (Reason: Superseded, EOL, no revdeps; LP: #2009812) |
Deleted in mantic-proposed (Reason: Moved to mantic) |
golang-1.19 (1.19.13-1) unstable; urgency=medium * Team upload * New upstream version 1.19.13 + Improve backward compatibility for fixes of CVE-2023-29409 and CVE-2023-29406. -- Shengjing Zhu <email address hidden> Thu, 07 Sep 2023 12:01:53 +0800
Available diffs
- diff from 1.19.12-2 to 1.19.13-1 (3.8 KiB)
Superseded in mantic-release |
Superseded in mantic-release |
Deleted in mantic-proposed (Reason: Moved to mantic) |
golang-1.19 (1.19.12-2) unstable; urgency=medium * Team upload * Backport patch to fix link tests on riscv64 -- Shengjing Zhu <email address hidden> Fri, 04 Aug 2023 12:45:43 +0800
Available diffs
- diff from 1.19.12-1 to 1.19.12-2 (2.9 KiB)
golang-1.19 (1.19.12-1) unstable; urgency=medium * Team upload * New upstream version 1.19.12 + CVE-2023-29409: crypto/tls: restrict RSA keys in certificates to <= 8192 bits -- Shengjing Zhu <email address hidden> Wed, 02 Aug 2023 11:34:17 +0800
Available diffs
- diff from 1.19.11-1 to 1.19.12-1 (6.6 KiB)
golang-1.19 (1.19.11-1) unstable; urgency=medium * Team upload * New upstream version 1.19.11 + CVE-2023-29406: net/http: insufficient sanitization of Host header * Add autopkgtest -- Shengjing Zhu <email address hidden> Wed, 12 Jul 2023 13:53:19 +0800
Available diffs
- diff from 1.19.10-2 to 1.19.11-1 (13.4 KiB)
golang-1.19 (1.19.10-2) unstable; urgency=medium * Team upload * Upload to unstable -- Shengjing Zhu <email address hidden> Thu, 15 Jun 2023 17:47:17 +0800
Available diffs
- diff from 1.19.10-1 to 1.19.10-2 (297 bytes)
golang-1.19 (1.19.10-1) experimental; urgency=medium * Team upload * New upstream version 1.19.10 + CVE-2023-29402: cmd/go: cgo code injection + CVE-2023-29403: runtime: unexpected behavior of setuid/setgid binaries + CVE-2023-29404/CVE-2023-29405: cmd/go: improper sanitization of LDFLAGS -- Shengjing Zhu <email address hidden> Wed, 07 Jun 2023 12:28:33 +0800
Available diffs
- diff from 1.19.9-1 to 1.19.10-1 (19.5 KiB)
golang-1.19 (1.19.8-1ubuntu0.1) lunar-security; urgency=medium * SECURITY UPDATE: html injection vulnerability - debian/patches/CVE-2023-24539.patch: disallow angle brackets in CSS values - debian/patches/CVE-2023-29400.patch: emit filterFailsafe for empty unquoted attr value - CVE-2023-24539 - CVE-2023-29400 * SECURITY UPDATE: javascript injection vulnerability - debian/patches/CVE-2023-24540.patch: handle all JS whitespace characters - CVE-2023-24540 -- Nishit Majithia <email address hidden> Mon, 05 Jun 2023 15:11:27 +0530
Available diffs
golang-1.19 (1.19.2-1ubuntu1.1) kinetic-security; urgency=medium * SECURITY UPDATE: html injection vulnerability - debian/patches/CVE-2023-24539.patch: disallow angle brackets in CSS values - debian/patches/CVE-2023-29400.patch: emit filterFailsafe for empty unquoted attr value - CVE-2023-24539 - CVE-2023-29400 * SECURITY UPDATE: javascript injection vulnerability - debian/patches/CVE-2023-24540.patch: handle all JS whitespace characters - CVE-2023-24540 * SECURITY UPDATE: large handshake records cause panic - debian/patches/CVE-2022-41724.patch: replace all usages of BytesOrPanic - CVE-2022-41724 * SECURITY UPDATE: denial of service from excessive resource consumption - debian/patches/CVE-2022-41725.patch: imit memory/inode consumption of ReadForm - CVE-2022-41725 * SECURITY UPDATE: DoS issue due to panic - debian/patches/CVE-2023-24534.patch: avoid overpredicting the number of MIME header keys - CVE-2023-24534 * SECURITY UPDATE: integer overflow issue - debian/patches/CVE-2023-24537.patch: reject large line and column number in //line directives - CVE-2023-24537 * SECURITY UPDATE: code injection vulnerability - debian/patches/CVE-2023-24538.patch: disallow actions in JS template literals - CVE-2023-24538 -- Nishit Majithia <email address hidden> Mon, 05 Jun 2023 09:49:37 +0530
Available diffs
golang-1.19 (1.19.9-1) experimental; urgency=medium * Team upload * New upstream version 1.19.9 + CVE-2023-24539: html/template: improper sanitization of CSS values + CVE-2023-24540: html/template: improper handling of JavaScript whitespace + CVE-2023-29400: html/template: improper handling of empty HTML attributes -- Shengjing Zhu <email address hidden> Wed, 03 May 2023 15:08:50 +0800
Available diffs
- diff from 1.19.8-2 to 1.19.9-1 (15.6 KiB)
golang-1.19 (1.19.8-2) unstable; urgency=medium * Team upload * Upload to unstable -- Shengjing Zhu <email address hidden> Fri, 07 Apr 2023 15:12:06 +0800
Available diffs
- diff from 1.19.8-1 to 1.19.8-2 (293 bytes)
Superseded in mantic-release |
Published in lunar-release |
Deleted in lunar-proposed (Reason: Moved to lunar) |
golang-1.19 (1.19.8-1) experimental; urgency=medium * Team upload * New upstream version 1.19.8 + CVE-2023-24537: go/parser: infinite loop in parsing + CVE-2023-24538: html/template: backticks not treated as string delimiters + CVE-2023-24534: net/http, net/textproto: denial of service from excessive memory allocation + CVE-2023-24536: net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption -- Shengjing Zhu <email address hidden> Wed, 05 Apr 2023 02:15:56 +0800
Available diffs
- diff from 1.19.7-1 to 1.19.8-1 (18.5 KiB)
golang-1.19 (1.19.7-1) experimental; urgency=medium * Team upload * New upstream version 1.19.7 + CVE-2023-24532: crypto/elliptic: incorrect P-256 ScalarMult and ScalarBaseMult results -- Shengjing Zhu <email address hidden> Wed, 08 Mar 2023 13:54:08 +0800
Available diffs
- diff from 1.19.6-2 to 1.19.7-1 (22.3 KiB)
golang-1.19 (1.19.6-2) unstable; urgency=medium * Team upload * Upload to unstable -- Shengjing Zhu <email address hidden> Fri, 17 Feb 2023 17:56:44 +0800
Available diffs
- diff from 1.19.4-1ubuntu1 (in Ubuntu) to 1.19.6-2 (40.0 KiB)
- diff from 1.19.6-1 to 1.19.6-2 (292 bytes)
golang-1.19 (1.19.6-1) experimental; urgency=medium * Team upload * New upstream version 1.19.6 + CVE-2022-41722: path/filepath: path traversal in filepath.Clean on Windows + CVE-2022-41725: net/http, mime/multipart: denial of service from excessive resource consumption + CVE-2022-41724: crypto/tls: large handshake records may cause panics + CVE-2022-41723: net/http: avoid quadratic complexity in HPACK decoding -- Shengjing Zhu <email address hidden> Wed, 15 Feb 2023 10:09:02 +0800
Available diffs
golang-1.19 (1.19.4-1ubuntu1) lunar; urgency=medium * Merge from Debian unstable. Remaining changes: - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch disable internal linking when dynamically linking and CGO_CFLAGS contains flags that might make host object files that the internal linkers ELF reader does not support. This fixes lots of package builds when LTO is enabled by default via dpkg-buildflags. - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being compressed. -- William 'jawn-smith' Wilson <email address hidden> Mon, 12 Dec 2022 09:24:12 -0600
Available diffs
- diff from 1.19.3-1ubuntu1 to 1.19.4-1ubuntu1 (16.5 KiB)
golang-1.19 (1.19.3-1ubuntu1) lunar; urgency=medium * Merge from Debian unstable. Remaining changes: - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch disable internal linking when dynamically linking and CGO_CFLAGS contains flags that might make host object files that the internal linkers ELF reader does not support. This fixes lots of package builds when LTO is enabled by default via dpkg-buildflags. - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being compressed. -- William 'jawn-smith' Wilson <email address hidden> Tue, 15 Nov 2022 12:19:06 -0600
Available diffs
Superseded in lunar-release |
Obsolete in kinetic-release |
Deleted in kinetic-proposed (Reason: Moved to kinetic) |
golang-1.19 (1.19.2-1ubuntu1) kinetic; urgency=medium * Merge from Debian unstable. Remaining changes: - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch disable internal linking when dynamically linking and CGO_CFLAGS contains flags that might make host object files that the internal linkers ELF reader does not support. This fixes lots of package builds when LTO is enabled by default via dpkg-buildflags. - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being compressed. -- William 'jawn-smith' Wilson <email address hidden> Wed, 05 Oct 2022 15:02:12 -0500
Available diffs
- diff from 1.19.1-1ubuntu1 to 1.19.2-1ubuntu1 (12.2 KiB)
golang-1.19 (1.19.1-1ubuntu1) kinetic; urgency=medium * Merge from Debian unstable. Remaining changes: - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch disable internal linking when dynamically linking and CGO_CFLAGS contains flags that might make host object files that the internal linkers ELF reader does not support. This fixes lots of package builds when LTO is enabled by default via dpkg-buildflags. - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being compressed. -- William 'jawn-smith' Wilson <email address hidden> Tue, 13 Sep 2022 15:08:37 -0500
Available diffs
- diff from 1.19-1ubuntu2 to 1.19.1-1ubuntu1 (21.4 KiB)
Superseded in kinetic-release |
Superseded in kinetic-release |
Deleted in kinetic-proposed (Reason: Moved to kinetic) |
golang-1.19 (1.19-1ubuntu2) kinetic; urgency=medium * Merge from Debian unstable. Remaining changes: - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch disable internal linking when dynamically linking and CGO_CFLAGS contains flags that might make host object files that the internal linkers ELF reader does not support. This fixes lots of package builds when LTO is enabled by default via dpkg-buildflags. - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being compressed. -- William 'jawn-smith' Wilson <email address hidden> Wed, 03 Aug 2022 09:04:08 -0500
Available diffs
- diff from 1.19~rc2-1ubuntu1 to 1.19-1ubuntu2 (99.9 KiB)
- diff from 1.19-1ubuntu1~ppa5 to 1.19-1ubuntu2 (535 bytes)
Superseded in kinetic-proposed |
golang-1.19 (1.19-1ubuntu1~ppa5) kinetic; urgency=medium * Add CGO_FLAGS patch once again. -- William 'jawn-smith' Wilson <email address hidden> Mon, 08 Aug 2022 17:44:06 -0500
Available diffs
golang-1.19 (1.19~rc2-1ubuntu1) kinetic; urgency=medium * Merge from Debian unstable. Remaining changes: - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch disable internal linking when dynamically linking and CGO_CFLAGS contains flags that might make host object files that the internal linkers ELF reader does not support. This fixes lots of package builds when LTO is enabled by default via dpkg-buildflags. - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being compressed. -- William 'jawn-smith' Wilson <email address hidden> Wed, 13 Jul 2022 16:21:52 -0500
Available diffs
golang-1.19 (1.19~rc1-1ubuntu1) kinetic; urgency=medium * Merge from Debian unstable. Remaining changes: - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch disable internal linking when dynamically linking and CGO_CFLAGS contains flags that might make host object files that the internal linkers ELF reader does not support. This fixes lots of package builds when LTO is enabled by default via dpkg-buildflags. - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being compressed. -- William 'jawn-smith' Wilson <email address hidden> Fri, 08 Jul 2022 09:58:02 -0500
Available diffs
golang-1.19 (1.19~beta1-1ubuntu1) kinetic; urgency=medium * Merge from Debian unstable. Remaining changes: - 0001-cmd-link-check-CGO_CFLAGS-for-non-g-I-O-options-befo.patch disable internal linking when dynamically linking and CGO_CFLAGS contains flags that might make host object files that the internal linkers ELF reader does not support. This fixes lots of package builds when LTO is enabled by default via dpkg-buildflags. - d/rules: Add NO_PNG_PKG_MANGLE to prevent a test file from being compressed. -- William 'jawn-smith' Wilson <email address hidden> Wed, 15 Jun 2022 09:31:28 -0500
Available diffs
golang-1.19 (1.19~beta1-1) unstable; urgency=medium * New upstream version 1.19 beta1 -- William 'jawn-smith' Wilson <email address hidden> Fri, 10 Jun 2022 13:52:13 -0500
1 → 24 of 24 results | First • Previous • Next • Last |