Change logs for golang-1.22 source package in Sid

  • golang-1.22 (1.22.4-1) unstable; urgency=medium
    
      * Team upload
      * New upstream version 1.22.4
        + CVE-2024-24789: archive/zip: mishandling of corrupt central directory
          record
        + CVE-2024-24790: net/netip: unexpected behavior from Is methods for
          IPv4-mapped IPv6 addresses
    
     -- Shengjing Zhu <email address hidden>  Wed, 05 Jun 2024 07:31:05 +0800
  • golang-1.22 (1.22.3-1) unstable; urgency=medium
    
      * Team upload
      * New upstream version 1.22.3
        + CVE-2024-24788: net: malformed DNS message can cause infinite loop
    
     -- Shengjing Zhu <email address hidden>  Wed, 08 May 2024 17:11:30 +0800
  • golang-1.22 (1.22.2-2) unstable; urgency=medium
    
      * Team upload
      * Skip flaky TestCrashDumpsAllThreads on s390x (LP: #2061742)
        https://github.com/golang/go/issues/64650
    
     -- Shengjing Zhu <email address hidden>  Tue, 16 Apr 2024 16:13:31 +0800
  • golang-1.22 (1.22.2-1) unstable; urgency=medium
    
      * Team upload
      * New upstream version 1.22.2
        + CVE-2023-45288: http2: close connections when receiving too many headers
      * Revert "Backport patch to fix external link on riscv64" (applied in 1.22.2)
    
     -- Shengjing Zhu <email address hidden>  Thu, 04 Apr 2024 04:23:15 +0800
  • golang-1.22 (1.22.1-1) unstable; urgency=medium
    
      * Team upload
      * New upstream version 1.22.1
        + CVE-2024-24783: crypto/x509: Verify panics on certificates with an
          unknown public key algorithm
        + CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm
        + CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of
          sensitive headers and cookies on HTTP redirect
        + CVE-2024-24785: html/template: errors returned from MarshalJSON methods
          may break template escaping
        + CVE-2024-24784: net/mail: comments in display names are incorrectly
          handled
      * Update upstream signing key
      * Backport patch to fix external link on riscv64 (Closes: #1065368)
    
     -- Shengjing Zhu <email address hidden>  Wed, 06 Mar 2024 15:09:10 +0800
  • golang-1.22 (1.22.0-2) unstable; urgency=medium
    
      * Team upload
      * Skip flaky TestCrashDumpsAllThreads on mips64le
    
     -- Shengjing Zhu <email address hidden>  Mon, 26 Feb 2024 17:08:17 +0800
  • golang-1.22 (1.22.0-1) unstable; urgency=medium
    
      * Team upload
      * New upstream version 1.22.0
    
     -- Shengjing Zhu <email address hidden>  Wed, 21 Feb 2024 16:57:04 +0800
  • golang-1.22 (1.22~rc2-1) unstable; urgency=medium
    
      * Team upload
      * New upstream version 1.22~rc2
      * Bump bootstrap Go to 1.20.
        See https://github.com/golang/go/issues/54265
        gccgo only implements Go 1.18 and can't bootstrap Go 1.22 now.
      * Revert "Skip TestUser{Cache,Config}Dir when HOME is not writable"
        This reverts commit 5e8f93837a5d73a391fbbc278a34e5a89f84ca9b.
        Fixed by upstream https://github.com/golang/go/issues/64990
    
     -- Shengjing Zhu <email address hidden>  Tue, 30 Jan 2024 17:15:39 +0800
  • golang-1.22 (1.22~rc1-2) unstable; urgency=medium
    
      * Skip TestUser{Cache,Config}Dir when HOME is not writable
    
     -- Shengjing Zhu <email address hidden>  Sat, 06 Jan 2024 21:26:23 +0800
  • golang-1.22 (1.22~rc1-1) unstable; urgency=medium
    
      * Team upload
      * New upstream version 1.22rc1
      * Build loong64 binaries (Closes: #1055087)
      * Avoid downloading a newer toolchain when bootstrap
    
     -- Shengjing Zhu <email address hidden>  Thu, 04 Jan 2024 17:22:48 +0800