Your message dated Tue, 14 May 2024 18:34:43 +0000
with message-id <[email protected]>
and subject line Bug#1042474: fixed in golang-github-elazarl-goproxy
1.1+git20231117.7cc037d+dfsg-1
has caused the Debian Bug report #1042474,
regarding golang-github-elazarl-goproxy: CVE-2023-37788
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1042474: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042474
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: golang-github-elazarl-goproxy
Version: 1.1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/elazarl/goproxy/issues/502
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for golang-github-elazarl-goproxy.
CVE-2023-37788[0]:
| goproxy v1.1 was discovered to contain an issue which can lead to a
| Denial of service (DoS) via unspecified vectors.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-37788
https://www.cve.org/CVERecord?id=CVE-2023-37788
[1] https://github.com/elazarl/goproxy/issues/502
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: golang-github-elazarl-goproxy
Source-Version: 1.1+git20231117.7cc037d+dfsg-1
Done: Francisco Vilmar Cardoso Ruviaro <[email protected]>
We believe that the bug you reported is fixed in the latest version of
golang-github-elazarl-goproxy, which is due to be installed in the Debian FTP
archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Francisco Vilmar Cardoso Ruviaro <[email protected]> (supplier of updated
golang-github-elazarl-goproxy package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 14 May 2024 16:53:43 +0000
Source: golang-github-elazarl-goproxy
Architecture: source
Version: 1.1+git20231117.7cc037d+dfsg-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team <[email protected]>
Changed-By: Francisco Vilmar Cardoso Ruviaro <[email protected]>
Closes: 1042474
Changes:
golang-github-elazarl-goproxy (1.1+git20231117.7cc037d+dfsg-1) unstable;
urgency=medium
.
[ Debian Janitor ]
* Team upload.
* Set upstream metadata fields: Bug-Database,
Bug-Submit, Repository, Repository-Browse.
* Use secure URI in Homepage field.
* Bump debhelper from old 12 to 13.
* Update standards version to 4.6.1, no changes needed.
.
[ Francisco Vilmar Cardoso Ruviaro ]
* New upstream git snapshot version 1.1+git20231117.7cc037d+dfsg.
(Closes: #1042474, CVE-2023-37788)
* Change Section from devel to golang.
* Update Maintainer email.
* Update debian/watch.
* Set "Rules-Requires-Root: no".
Checksums-Sha1:
70ab9adf8680ef7cea76d3d887c5923523c9b088 2508
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg-1.dsc
8327f058891e7020c2d4c52dbbc2db4b7bd722f0 83416
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg.orig.tar.xz
c21f9a5dc936f3a2d5f67c061f35406e566d4577 3988
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg-1.debian.tar.xz
3e4cf3d4aa589fa2c4eda68d2ddcf118a5c9cfa5 7754
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg-1_amd64.buildinfo
Checksums-Sha256:
214bf6005a611c3f4c1ccc80e7148d910a849bab971982ebe00cad23227c80cc 2508
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg-1.dsc
b19b84c3bc153b1060c5c5d89167f985a6be57d1437c176f81bec2f59a997d00 83416
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg.orig.tar.xz
6c00dca8d4f7577207300334a9c5bfe867ba9b1bc5fc2127b3558b633cadb45e 3988
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg-1.debian.tar.xz
b21d2d6476688c17414b3c990c935e21c801546e8ee479e06a53b8ebc5218cf0 7754
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg-1_amd64.buildinfo
Files:
717109c5f2575f9f02c1c602d18b6d6b 2508 golang optional
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg-1.dsc
fd20c37f293f76b31ff1a5a8a2ee38ce 83416 golang optional
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg.orig.tar.xz
40054a74f96cc6c9f31496bd2e504e2f 3988 golang optional
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg-1.debian.tar.xz
2d14325e5a5b589c107cd17425f38ea1 7754 golang optional
golang-github-elazarl-goproxy_1.1+git20231117.7cc037d+dfsg-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEEG4z2Vu87hEcvSPDngvv3BgsvfQAFAmZDpPsSHHZpbG1hckBk
ZWJpYW4ub3JnAAoJEIL79wYLL30A3jUP/3n49bzwodRtQonTpHNIsiO4nVG6K/jO
9lVvUVC53etPxJ1Mzg4puT3og78mNGgroQAOCFTpCnXd2+LWu3oLE1U/q0+cjCDy
+LZkdRzNfHTv9QfJA6mlM3SHr0LbBsUVCokulDDdULb55EW571hVpAsX6lG5RPBN
pEbJc1WCItjqovl9JhDzIq+5GifdmoV+qvEhLYdhJ9O6st+CmhwwzDLM79iAXmaa
SsB3u0nvXGYKZqVA9SHzne6sDSTnJCbT6bPSDfWICb3FCiTLUMJFtThgDIOo5WVe
m08ygQ7GrmS6DsVMFvIwgesG8Nc0fSfuOp6N+dg5G2vyJtPEPWhRtAJiPC5Fwfg9
CoXi8KWtMNsbwLPdeHExR3EchMPwY6tb4xbcForjFa9qa5ASZ2HTm9Ep65UgW0Ou
mFfy08ZM0Cydf+D3m1gMUV6PhgUf3AHxHWOZNsmzKgb+tZ7V4d9GKttLxNfKx9Tx
jL3qA++l6O1iS4lYRkerztmmwYn/AnbTlYOffoMf1CwW+PD3o4QGlx1FwbzQ1UbC
WifeigiARpFSUGo+MxFf0eZ6C7xaKw1t4fx7+ARX8warFhILXNR/lhWZFnHdLtkA
Gm8HX/0FBNCptq7bQrEMlP4hOAIcOPvab2na32PVQUa0jn+UCKDDT95thujnDzOY
K5J9EPgGRtHk
=+kjF
-----END PGP SIGNATURE-----
pgpFtpHftqRut.pgp
Description: PGP signature
--- End Message ---
_______________________________________________
Pkg-go-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-go-maintainers
