golang-1.17 (1.17.1-1) [PTS] [DDPO]

COMMITS: VCS has seen 1 commit since the debian/1.17.1-1 tag

Git: https://salsa.debian.org/go-team/compiler/golang.git -b golang-1.17
Enter a full Vcs-* header, supported schemes are: Vcs-Bzr, Vcs-Cvs, Vcs-Darcs, Vcs-Git, Vcs-Hg, Vcs-Mtn, Vcs-Svn.
For Vcs-Git append -b branch to select the branch name; append [subdir] if the debian/ directory is not in the repository root.
The next upload will reset the information from the source package headers.
Branch: golang-1.17
Path: debian/changelog
Browser: https://salsa.debian.org/go-team/compiler/golang/tree/golang-1.17
Last scan: 2021-09-19 09:23:25+00
Next scan: 2021-09-25 19:11:00+00

Debian changelog in Git:

golang-1.17 (1.17.1-1) unstable; urgency=high

  * New upstream version 1.17.1
    + CVE-2021-39293: security fix to the archive/zip package
      The fix for CVE-2021-33196 can be bypassed by crafted inputs.
      As a result, the NewReader and OpenReader functions in archive/zip
      can still cause a panic or an unrecoverable fatal error when reading
      an archive that claims to contain a large number of files,
      regardless of its actual size.
      Thanks to the OSS-Fuzz project for discovering this issue
      and to Emmanuel Odeke for reporting it.
    + bug fixes to the archive/zip, go/internal/gccgoimporter,
      html/template, net/http, and runtime/pprof packages
  * Re-add "Multi-Arch: foreign" hint
  * Rename Maintainer from "Go Compiler Team" to "Debian Go Compiler Team"
  * Bump Standards-Version to 4.6.0 (no change)

 -- Anthony Fok <foka@debian.org>  Fri, 10 Sep 2021 18:01:21 -0600

This branch is 1 commit ahead of tag debian/1.17.1-1

Git log:

commit 82753808ac45a6a61c49a41d88e556d32ffc20e8
Author: Anthony Fok <foka@debian.org>
Date:   Fri Sep 10 18:33:24 2021 -0600

    Fix Lintian warning: tab-in-license-text
    
    debian/copyright (starting at line 366)