Package: golang-1.7 / 1.7.4-2+deb9u1

Metadata

Package Version Patches format
golang-1.7 1.7.4-2+deb9u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
cl 29995 tzdata 2016g.patch | (download)

src/time/time_test.go | 7 5 + 2 - 0 !
1 file changed, 5 insertions(+), 2 deletions(-)

 [patch] time: update test for tzdata-2016g
cl 37964 tzdata 2017a.patch | (download)

src/time/format_test.go | 41 31 + 10 - 0 !
1 file changed, 31 insertions(+), 10 deletions(-)

 [patch] time: make the parseinlocation test more robust

The tzdata 2017a update (2017-02-28) changed the abbreviation of the
Asia/Baghdad time zone (used in TestParseInLocation) from 'AST' to the
numeric '+03'.

Update the test so that it skips the checks if we're using a recent
tzdata release.

Fixes #19457

cve 2019 6486.patch | (download)

src/crypto/elliptic/elliptic.go | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

---
cve 2018 7187.patch | (download)

src/cmd/go/vcs.go | 34 32 + 2 - 0 !
src/cmd/go/vcs_test.go | 43 43 + 0 - 0 !
2 files changed, 75 insertions(+), 2 deletions(-)

 [patch] cmd/go: restrict meta imports to valid schemes

Before this change, when using -insecure, we permitted any meta import
repo root as long as it contained "://". When not using -insecure, we
restrict meta import repo roots to be valid URLs. People may depend on
that somehow, so permit meta import repo roots to be invalid URLs, but
require them to have valid schemes per RFC 3986.

Fixes #23867