Your message dated Thu, 01 Jun 2017 10:05:07 +0000
with message-id <[email protected]>
and subject line Bug#863308: fixed in golang-1.7 1.7.6-1
has caused the Debian Bug report #863308,
regarding golang-1.7: CVE-2017-8932: Elliptic curves carry propagation issue in
x86-64 P-256
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
863308: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863308
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: golang-1.8
Version: 1.8.1-1
Severity: important
Tags: security patch upstream
Forwarded: https://github.com/golang/go/issues/20040
Control: clone -1 -2
Control: reassign -2 src:golang-1.7 1.7.4-2
Hi,
the following vulnerability was published for golang-1.8 (and
golang-1.7 thus cloning and reassigning this bug).
CVE-2017-8932[0]:
Elliptic curves carry propagation issue in x86-64 P-256
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-8932
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-8932
[1] https://github.com/golang/go/issues/20040
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: golang-1.7
Source-Version: 1.7.6-1
We believe that the bug you reported is fixed in the latest version of
golang-1.7, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Hudson-Doyle <[email protected]> (supplier of updated
golang-1.7 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 01 Jun 2017 21:31:53 +1200
Source: golang-1.7
Binary: golang-1.7-go golang-1.7-src golang-1.7-doc golang-1.7
Architecture: source
Version: 1.7.6-1
Distribution: unstable
Urgency: medium
Maintainer: Go Compiler Team <[email protected]>
Changed-By: Michael Hudson-Doyle <[email protected]>
Description:
golang-1.7 - Go programming language compiler - metapackage
golang-1.7-doc - Go programming language - documentation
golang-1.7-go - Go programming language compiler, linker, compiled stdlib
golang-1.7-src - Go programming language - source files
Closes: 863308
Changes:
golang-1.7 (1.7.6-1) unstable; urgency=medium
.
* New upstream release. (Closes: #863308)
* Remove d/patches/cl-29995--tzdata-2016g.patch, applied upstream.
Checksums-Sha1:
6e122500b73cd490adc20695679d38dd1cb1d74f 2445 golang-1.7_1.7.6-1.dsc
0dce781d6a815dafabbe7d399afe63d20e7deadd 14173249 golang-1.7_1.7.6.orig.tar.gz
66ea6aba1c9fec030eda6fd2ef63f63e169e5707 29916 golang-1.7_1.7.6-1.debian.tar.xz
Checksums-Sha256:
7b56278e65521b7c2556f2fde560afd7f994cc439abc4410e121e5030925fbfe 2445
golang-1.7_1.7.6-1.dsc
1a67a4e688673fdff7ba41e73482b0e59ac5bd0f7acf703bc6d50cc775c5baba 14173249
golang-1.7_1.7.6.orig.tar.gz
5b3fab3d86276fb3a701dea5819bbd602944e236e2ef0d53f9a6435ea845153f 29916
golang-1.7_1.7.6-1.debian.tar.xz
Files:
531779318983fedbf977356b3daa09b7 2445 devel optional golang-1.7_1.7.6-1.dsc
178724be1c922d8cdc4e694b6d5994ad 14173249 devel optional
golang-1.7_1.7.6.orig.tar.gz
668f98119c9f5caa85d34bd79a348720 29916 devel optional
golang-1.7_1.7.6-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJZL+JaAAoJEBHfQpTMo5iTAVoP/ijGw/UU0qUg+WaqFdym8rbh
aIV9oky2TMvk+m8XLWq2UqRHwaCDtG14xdodKo9UvMFv+so0XJBRSo4AwX13eUK1
DRh//ZorO4wjtx5hTI9UY2xm19CX/XW/yLmu6l/2CF3149jP88o7/e+v23aMgZtr
orrMLj9/VRb7ZZk9Y4YlrEClFSTkGKRCKdwR5Pl8TtjcS1h+mEdT4sR/aYbEXv3y
9fnHitcJXsxs26L4Qn95UqpZ0vXavgN03qx+fpV7wwRmSIWzzIomutc9oPJoDRNT
WOxsj1PTwYNHgIhh2j5dqZRQET1fQRyMqP0NH4BE5Pp5epU/ekWBMsRGpO05ZzwQ
vpy3NKSMSJwsn1a0s0MfRYvOKpFYgH082RkmCZVr0kk0wLMOV/+6ZpD6ys7towpG
EYvVfAsWK39JWSrpvS/PWJ9tTuX4r64SyOIAhPincJ0Nkm8A1OKYFe4fxvx/11jH
NcEr6pomS2ccbN7oFoizJS2tOi8e8wA47v17oCdpOGJ6A9kV8bg13QVGcsBXcAaU
HDb6w3NRmol2G6jyIVwAhbWoITlz1kE3JubopZhPQexxnsnMayTSaQUyPlJ9Rbee
rcvd5piTHPqG3QTCLKdkdKJoyAihMjSm3QnjZzpYhucXe4rgxQMD/e3HZ3pKtBSU
5+NBYx41zMl+rdGDpAHl
=4UJr
-----END PGP SIGNATURE-----
--- End Message ---
