golang-1.26 (1.26.4-1) unstable; urgency=medium

  * New upstream version 1.26.4
    - CVE-2026-27145
      crypto/x509: split candidate hostname only once
    - CVE-2026-42507
      net/textproto: escape arbitrary input when including them in errors
    - CVE-2026-42504
      mime: avoid quadratic complexity in WordDecoder.DecodeHeader

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 04 Jun 2026 14:35:47 +0200

golang-1.26 (1.26.3-2) unstable; urgency=medium

  * Support forcing a minimum go compatibility version for
    GODEBUG via DEB_GOMINCOMPAT.
    Thanks to Helmut Grohne <helmut@subdivi.de>

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 21 May 2026 12:16:31 +0200

golang-1.26 (1.26.3-1) unstable; urgency=medium

  * New upstream version 1.26.3
    - CVE-2026-42501
      cmd/go: malicious module proxy can bypass checksum database
    - CVE-2026-39820
      Well-crafted inputs reaching ParseAddress, ParseAddressList, and
      ParseDate were able to trigger excessive CPU exhaustion and memory
      allocations.
    - CVE-2026-39823
      Vulnerability in which URLs were not correctly escaped inside of a
      <meta> tag's <content> attribute.
    - CVE-2026-33811
      When using LookupCNAME with the cgo DNS resolver, a very long
      CNAME response can trigger a double-free of C memory and a crash.
    - CVE-2026-39826
      If a trusted template author were to write a <script> tag
      containing an empty 'type' attribute or a 'type' attribute with an
      ASCII whitespace, the execution of the template would incorrectly
      escape any data passed into the <script> block.
    - CVE-2026-39817
      The "go tool pack" subcommand (usually used only by the compiler
      as an internal tool with known-good inputs) does not sanitize
      output filenames. Extracting a malicious archive file with the
      "pack" subcommand can write files to arbitrary locations on the
      filesystem.
    - CVE-2026-39819
      The "go bug" command writes to two files with predictable names in
      the system temporary directory (for example, "/tmp"). An attacker
      with access to the temporary directory can create a symlink in one
      of these names, causing "go bug" to overwrite the target of the
      symlink.
    - CVE-2026-42499
      Pathological inputs could cause DoS through consumePhrase when
      parsing an email address according to RFC 5322.
    - CVE-2026-39825
      ReverseProxy can forward queries containing parameters not visible
      to Rewrite functions.

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 07 May 2026 22:46:34 +0200

golang-1.26 (1.26.2-3) unstable; urgency=medium

  * Next attempt at making the package reproducible:
    Change timestamp of "test" directory to one of the files in it,
	  because the differing timestamp is the last bit which prevents
	  the golang package from being reproducible.

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sun, 26 Apr 2026 12:28:10 +0200

golang-1.26 (1.26.2-2) unstable; urgency=medium

  * Make package reproducible.
    Some test files cannot be parsed correctly by dh_strip_nondeterminism,
    because they are corrupted on purpose to test the go library.
    However, the previous approach of excluding all "testdata" file
    paths from dh_strip_nondeterminism resulted in a package which
    cannot be built reproducibly, because some timestamps of directories
    were different. Therefore, we exclude only the specific test files
    which would result in a parsing error of dh_strip_nondeterminism.
  * Remove two alien tags from lintian overrides
  * Remove debian/golang-X.Y-go.lintian-overrides, no longer needed
  * Remove unused lintian overrides

 -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 24 Apr 2026 17:23:37 +0200

golang-1.26 (1.26.2-1) unstable; urgency=medium

  * New upstream version 1.26.2
    - CVE-2026-32280
      During chain building, the amount of work that is done is not
      correctly limited when a large number of intermediate certificates
      are passed in VerifyOptions.Intermediates, which can lead to a
      denial of service. This affects both direct users of crypto/x509
      and users of crypto/tls.
    - CVE-2026-32281
      Validating certificate chains which use policies is unexpectedly
      inefficient when certificates in the chain contain a very large
      number of policy mappings, possibly causing denial of service.
      This only affects validation of otherwise trusted certificate
      chains, issued by a root CA in the VerifyOptions.Roots CertPool,
      or in the system certificate pool.
  * Set Forwarded in patch headers
  * Update Standards-Version to 4.7.4, no changes needed
  * Use go-X.Y for lintian overrides
  * Remove mismatched lintian override

 -- Dr. Tobias Quathamer <toddy@debian.org>  Wed, 08 Apr 2026 11:04:20 +0200

golang-1.26 (1.26.1-1) unstable; urgency=medium

  * Update to 1.26.1 upstream release
    https://groups.google.com/g/golang-announce/c/EdhZqrQ98hk/m/41DopX_WAAAJ
    - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints
    - CVE-2026-27138: crypto/x509: panic in name constraint checking for
                      malformed certificates
    - CVE-2026-27142: html/template: URLs in meta content attribute actions
                      are not escaped
    - CVE-2026-25679: net/url: reject IPv6 literal not at start of host
    - CVE-2026-27139: os: FileInfo can escape from a Root
  * Drop 0004-Replace-localhostCert-and-localhostKey.patch (obsolete via
    https://github.com/golang/go/commit/c5723195a670a09e64769554163ae12b25839819)

 -- Tianon Gravi <tianon@debian.org>  Fri, 06 Mar 2026 16:41:19 -0800

golang-1.26 (1.26.0-1) unstable; urgency=medium

  * New upstream version 1.26.0
    - Refresh patch

 -- Dr. Tobias Quathamer <toddy@debian.org>  Wed, 11 Feb 2026 16:43:25 +0100

golang-1.26 (1.26~rc3-2) unstable; urgency=medium

  * Skip TestTSAN test on s390x.
    The test consistently fails, and is probably a real bug.
    It's currently being investigated, but until that is
    resolved, we disable the test to be able to build the
    golang package, so it can migrate to testing.
    See https://github.com/golang/go/issues/77289
    and Debian BTS #1126312
  * Update d/copyright
    - Use Comment: as field name in d/copyright
    - Remove src/image/jpeg/idct.go from d/copyright, has been
      removed upstream
    - Remove MPEG license terms, no longer needed
    - Update d/copyright with correct license name.
    - Use Go license for d/rules, just like all other files
      in that directory
    - Update license name from FreeBSD to BSD-2-Clause
    - Add d/lrc.config as license hints for lrc
  * Run wrap-and-sort -astkb
  * Remove Breaks: dh-golang (<< 1.43~), o-o-stable is at 1.51
  * Remove leading '/' from .install files
  * Remove unused lintian overrides
  * Add lintian overrides for golang-X.Y-src
  * Add myself as uploader, somehow I got involved again. :-)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Tue, 10 Feb 2026 00:00:48 +0100

golang-1.26 (1.26~rc3-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.26~rc3
  * Remove Priority: optional from d/control
  * Remove Rules-Requires-Root from d/control
  * Update Standards-Version to 4.7.3

 -- Dr. Tobias Quathamer <toddy@debian.org>  Mon, 09 Feb 2026 10:15:40 +0100

golang-1.26 (1.26~rc2-1) unstable; urgency=medium

  * Initial upload of Go 1.26 (rc2)

 -- Tianon Gravi <tianon@debian.org>  Sat, 24 Jan 2026 00:13:51 -0800

golang-1.25 (1.25.6-1) unstable; urgency=medium

  [ Anshul Singh ]
  * Update to 1.25.5 upstream release
    https://go.dev/doc/devel/release#go1.25.5
    - crypto/x509: excessive resource consumption in printing error string for host certificate validation
    - crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

  [ Tianon Gravi ]
  * Update to 1.25.6 upstream release

    1.25.6: (Closes: #1125916)
    - https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc/m/pQP7Bk0aCQAJ

    - CVE-2025-61728: https://go.dev/issue/77102
      archive/zip: denial of service when parsing arbitrary ZIP archives

    - CVE-2025-61726: https://go.dev/issue/77101
      net/http: memory exhaustion in Request.ParseForm

    - CVE-2025-68121: https://go.dev/issue/77113
      crypto/tls: Config.Clone copies automatically generated session ticket
      keys, session resumption does not account for the expiration of full
      certificate chain

    - CVE-2025-61731: https://go.dev/issue/77100
      cmd/go: bypass of flag sanitization can lead to arbitrary code
      execution

    - CVE-2025-68119: https://go.dev/issue/77099
      cmd/go: unexpected code execution when invoking toolchain

    - CVE-2025-61730: https://go.dev/issue/76443
      crypto/tls: handshake messages may be processed at the incorrect
      encryption level

    - os: allow direntries to have zero inodes on Linux (Closes: #1115301)

    1.25.5: (Closes: #1121847)
    - https://groups.google.com/g/golang-announce/c/8FJoBkPddm4/m/kYpVlPw1CQAJ

    - CVE-2025-61729: https://go.dev/issue/76445
      crypto/x509: excessive resource consumption in printing error string for
      host certificate validation

    - CVE-2025-61727: https://go.dev/issue/76442
      crypto/x509: excluded subdomain constraint does not restrict wildcard
      SANs

    1.25.4:
    - https://groups.google.com/g/golang-announce/c/tVVHm9gnwl8/m/-oTvYIjCAQAJ

  * Fix build with DEB_BUILD_OPTIONS=terse (Closes: #1125464)
    (solution borrowed from xz-utils debian/rules)

 -- Tianon Gravi <tianon@debian.org>  Thu, 22 Jan 2026 23:07:54 -0800

golang-1.25 (1.25.3-1) unstable; urgency=medium

  * Update to 1.25.3 upstream release
    https://go.dev/doc/devel/release#go1.25.3
    - fixes to the crypto/x509 package (https://go.dev/issue/75828)

 -- Tianon Gravi <tianon@debian.org>  Mon, 13 Oct 2025 16:06:52 -0700

golang-1.25 (1.25.2-1) unstable; urgency=medium

  * Add Go 1.25 to acceptable bootstrap versions (Build-Depends)
  * Update upstream signing key
  * Update to 1.25.2 upstream release
    https://groups.google.com/g/golang-announce/c/4Emdl2iQ_bI/m/qZN5nc-mBgAJ
    - CVE-2025-61725: net/mail: excessive CPU consumption in ParseAddress
    - CVE-2025-58187: crypto/x509: quadratic complexity when checking name constraints
    - CVE-2025-58189: crypto/tls: ALPN negotiation errors can contain arbitrary text
    - CVE-2025-61723: encoding/pem: quadratic complexity when parsing some invalid inputs
    - CVE-2025-47912: net/url: insufficient validation of bracketed IPv6 hostnames
    - CVE-2025-58185: encoding/asn1: pre-allocating memory when parsing DER payload can cause memory exhaustion
    - CVE-2025-58186: net/http: lack of limit when parsing cookies can cause memory exhaustion
    - CVE-2025-58188: crypto/x509: panic when validating certificates with DSA public keys
    - CVE-2025-58183: archive/tar: unbounded allocation when parsing GNU sparse map
    - CVE-2025-61724: net/textproto: excessive CPU consumption in Reader.ReadResponse

 -- Tianon Gravi <tianon@debian.org>  Thu, 09 Oct 2025 20:14:29 -0700

golang-1.25 (1.25.1-1) unstable; urgency=medium

  * Update to 1.25.1 upstream release
    - net/http: CrossOriginProtection bypass patterns are over-broad
      (CVE-2025-47910; https://go.dev/issue/75054; Closes: #1116341)

 -- Tianon Gravi <tianon@debian.org>  Sat, 27 Sep 2025 21:09:25 -0700

golang-1.25 (1.25.0-2) unstable; urgency=medium

  [ Tianon Gravi ]
  * Add support for cross-building natively (Closes: #1100436)
    - https://salsa.debian.org/go-team/compiler/golang/-/merge_requests/21
  * Clean up debian/helpers/goenv.sh (notably no more go1.16 support)

  [ Bo YU ]
  * Skip failing TSAN tests on riscv64 (Closes: #1115478)

 -- Tianon Gravi <tianon@debian.org>  Fri, 19 Sep 2025 21:11:23 -0700

golang-1.25 (1.25.0-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.25.0.

 -- Anshul Singh <anshul.singh@canonical.com>  Fri, 08 Aug 2025 05:13:23 +0000

golang-1.24 (1.24.4-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.24.1
    + CVE-2025-4673: net/http: sensitive headers not cleared on cross-origin redirect (Closes: #1107364)
    + CVE-2025-0913: os: inconsistent handling of O_CREATE|O_EXCL on Unix and Windows
    + CVE 2025-22874: crypto/x509: usage of ExtKeyUsageAny disables policy validation (Closes: #1107364)
    + CVE-2025-22873: os: Root permits access to parent directory (Closes: #1104816)
  * d/patches: Removed patch 0003 as it's already applied upstream now

 -- Anshul Singh <anshul.singh@canonical.com>  Mon, 16 Jun 2025 17:04:18 +0530

golang-1.24 (1.24.2-2) unstable; urgency=medium

  * Team upload
  * Backport patch to fix SIGSEGV in vgetrandom on Linux 6.11+
    (Closes: #1103345)

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 17 Apr 2025 22:45:41 +0800

golang-1.24 (1.24.2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.24.2
    + CVE-2025-22871: net/http: request smuggling through invalid chunked data

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 03 Apr 2025 14:56:38 +0800

golang-1.24 (1.24.1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.24.1
    + CVE-2025-22870: net/http, x/net/proxy, x/net/http/httpproxy: proxy bypass
      using IPv6 zone IDs
  * Install lib directory to golang-X.Y-src package.
    This includes lib/wasm directory which is moved from misc/wasm
    in Go 1.24. (Closes: #1096251)

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 05 Mar 2025 07:58:41 +0800

golang-1.24 (1.24.0-2) unstable; urgency=medium

  * Team upload
  * Add golang-1.24-go to Build-Depends

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 25 Feb 2025 18:09:52 +0800

golang-1.24 (1.24.0-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.24.0

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 12 Feb 2025 03:00:57 +0800

golang-1.24 (1.24~rc3-2) unstable; urgency=medium

  * Team upload
  * Add binutils-gold to Build-Depends on arm64 (Closes: #1095697)
  * And binutils-gold to Depends for golang-X.Y-go on arm64

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 12 Feb 2025 02:18:15 +0800

golang-1.24 (1.24~rc3-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.24~rc3
    + CVE-2025-22866: crypto/elliptic: timing sidechannel for P-256 on ppc64le
    + CVE-2025-22867: cmd/go: arbitrary code execution during build on darwin

 -- Shengjing Zhu <zhsj@debian.org>  Fri, 07 Feb 2025 21:01:51 +0800

golang-1.24 (1.24~rc2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.24~rc2
  * Revert "Backport patch to fix tests using expired certificates"

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 21 Jan 2025 14:14:07 +0800

golang-1.24 (1.24~rc1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.24~rc1
  * Bump minimal bootstrap Go version to 1.22
  * Backport patch to fix tests using expired certificates

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 07 Jan 2025 14:33:53 +0800

golang-1.23 (1.23.4-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.23.4

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 04 Dec 2024 08:34:52 +0800

golang-1.23 (1.23.3-2) unstable; urgency=medium

  * Team upload
  * Running regression autopkgtest with root

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 12 Nov 2024 17:15:48 +0800

golang-1.23 (1.23.3-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.23.3
  * Switch to versioned golang-1.XX-go packages for building.
    Break circular loop with golang-defaults metapackage (Closes: #1081647)

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 07 Nov 2024 15:32:48 +0800

golang-1.23 (1.23.2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.23.2

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 03 Oct 2024 14:40:06 +0800

golang-1.23 (1.23.1-3) unstable; urgency=medium

  * Team upload
  * Increase timeout to 2h in autopkgtest

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 12 Sep 2024 13:21:49 +0800

golang-1.23 (1.23.1-2) unstable; urgency=medium

  * Team upload
  * Increase timeout to 1h in autopkgtest

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 11 Sep 2024 14:05:33 +0800

golang-1.23 (1.23.1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.23.1
    + CVE-2024-34155: go/parser: stack exhaustion in all Parse* functions
    + CVE-2024-34156: encoding/gob: stack exhaustion in Decoder.Decode
    + CVE-2024-34158: go/build/constraint: stack exhaustion in Parse

 -- Shengjing Zhu <zhsj@debian.org>  Mon, 09 Sep 2024 16:26:12 +0800

golang-1.23 (1.23.0-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.23.0

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 14 Aug 2024 07:05:45 +0800

golang-1.23 (1.23~rc2-2) unstable; urgency=medium

  * Team upload
  * Increase test timeout in autopkgtest

 -- Shengjing Zhu <zhsj@debian.org>  Fri, 19 Jul 2024 16:05:05 +0800

golang-1.23 (1.23~rc2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.23~rc2

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 17 Jul 2024 16:34:37 +0800

golang-1.23 (1.23~rc1-1) unstable; urgency=medium

  * Team upload.

  [ Dr. Tobias Quathamer ]
  * Remove myself from Uploaders

  [ Shengjing Zhu ]
  * New upstream version 1.23~rc1
  * Replace pkg-config with pkgconf

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 02 Jul 2024 16:20:00 +0800

golang-1.22 (1.22.4-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.22.4
    + CVE-2024-24789: archive/zip: mishandling of corrupt central directory
      record
    + CVE-2024-24790: net/netip: unexpected behavior from Is methods for
      IPv4-mapped IPv6 addresses

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 05 Jun 2024 07:31:05 +0800

golang-1.22 (1.22.3-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.22.3
    + CVE-2024-24788: net: malformed DNS message can cause infinite loop

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 08 May 2024 17:11:30 +0800

golang-1.22 (1.22.2-2) unstable; urgency=medium

  * Team upload
  * Skip flaky TestCrashDumpsAllThreads on s390x (LP: #2061742)
    https://github.com/golang/go/issues/64650

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 16 Apr 2024 16:13:31 +0800

golang-1.22 (1.22.2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.22.2
    + CVE-2023-45288: http2: close connections when receiving too many headers
  * Revert "Backport patch to fix external link on riscv64" (applied in 1.22.2)

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 04 Apr 2024 04:23:15 +0800

golang-1.22 (1.22.1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.22.1
    + CVE-2024-24783: crypto/x509: Verify panics on certificates with an
      unknown public key algorithm
    + CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm
    + CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of
      sensitive headers and cookies on HTTP redirect
    + CVE-2024-24785: html/template: errors returned from MarshalJSON methods
      may break template escaping
    + CVE-2024-24784: net/mail: comments in display names are incorrectly
      handled
  * Update upstream signing key
  * Backport patch to fix external link on riscv64 (Closes: #1065368)

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 06 Mar 2024 15:09:10 +0800

golang-1.22 (1.22.0-2) unstable; urgency=medium

  * Team upload
  * Skip flaky TestCrashDumpsAllThreads on mips64le

 -- Shengjing Zhu <zhsj@debian.org>  Mon, 26 Feb 2024 17:08:17 +0800

golang-1.22 (1.22.0-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.22.0

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 21 Feb 2024 16:57:04 +0800

golang-1.22 (1.22~rc2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.22~rc2
  * Bump bootstrap Go to 1.20.
    See https://github.com/golang/go/issues/54265
    gccgo only implements Go 1.18 and can't bootstrap Go 1.22 now.
  * Revert "Skip TestUser{Cache,Config}Dir when HOME is not writable"
    This reverts commit 5e8f93837a5d73a391fbbc278a34e5a89f84ca9b.
    Fixed by upstream https://github.com/golang/go/issues/64990

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 30 Jan 2024 17:15:39 +0800

golang-1.22 (1.22~rc1-2) unstable; urgency=medium

  * Skip TestUser{Cache,Config}Dir when HOME is not writable

 -- Shengjing Zhu <zhsj@debian.org>  Sat, 06 Jan 2024 21:26:23 +0800

golang-1.22 (1.22~rc1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.22rc1
  * Build loong64 binaries (Closes: #1055087)
  * Avoid downloading a newer toolchain when bootstrap

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 04 Jan 2024 17:22:48 +0800

golang-1.21 (1.21.5-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21.5
    + CVE-2023-39326: net/http: limit chunked data overhead
    + CVE-2023-45285: cmd/go: go get may unexpectedly fallback to insecure git
    + CVE-2023-45283: path/filepath: retain trailing \ when cleaning paths
      like \\?\c:\

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 06 Dec 2023 15:32:23 +0800

golang-1.21 (1.21.4-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21.4
    + CVE-2023-45283: path/filepath: recognize \??\ as a Root Local Device
      path prefix.
    + CVE-2023-45284: path/filepath: recognize device names with trailing
      spaces and superscripts.

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 08 Nov 2023 03:40:30 +0800

golang-1.21 (1.21.3-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21.3
    + CVE-2023-44487/CVE-2023-39325: net/http: rapid stream resets can cause
      excessive work

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 11 Oct 2023 14:53:53 +0800

golang-1.21 (1.21.2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21.2
    + CVE-2023-39323: cmd/go: line directives allows arbitrary execution during
      build

 -- Shengjing Zhu <zhsj@debian.org>  Fri, 06 Oct 2023 19:35:37 +0800

golang-1.21 (1.21.1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21.1
    + CVE-2023-39320: cmd/go: go.mod toolchain directive allows arbitrary
      execution
    + CVE-2023-39318: html/template: improper handling of HTML-like comments
      within script contexts
    + CVE-2023-39319: html/template: improper handling of special tags within
      script contexts
    + CVE-2023-39321/CVE-2023-39322: crypto/tls: panic when processing
      post-handshake message on QUIC connections

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 07 Sep 2023 11:51:55 +0800

golang-1.21 (1.21.0-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21.0

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 09 Aug 2023 14:40:00 +0800

golang-1.21 (1.21~rc4-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21~rc4

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 03 Aug 2023 15:15:53 +0800

golang-1.21 (1.21~rc3-2) unstable; urgency=medium

  * Team upload
  * Add Breaks+Replaces golang-1.21-go (<< 1.21~rc3) on golang-1.21-src
    src/internal/platform/zosarch.go move from golang-1.21-go to
    golang-1.21-src (Closes: #1041412)

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 19 Jul 2023 16:12:19 +0800

golang-1.21 (1.21~rc3-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21~rc3

 -- Shengjing Zhu <zhsj@debian.org>  Mon, 17 Jul 2023 15:20:39 +0800

golang-1.21 (1.21~rc2-2) unstable; urgency=medium

  * Team upload
  * Add autopkgtest

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 29 Jun 2023 16:33:35 +0800

golang-1.21 (1.21~rc2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21~rc2

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 22 Jun 2023 14:53:06 +0800

golang-1.21 (1.21~rc1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.21rc1
  * Install go.env in GOROOT
  * Drop patches
    + 0001-Disable-test-for-UserHomeDir.patch.
      Now the test doesn't fail if HOME dir doesn't exist
      See https://github.com/golang/go/commit/bb4ea80b
    + 0002-Fix-Lintian-warnings-about-wrong-interpreter-path.patch.
      We don't run these scripts, just leave them as is.
    + 0003-cmd-dist-increase-default-timeout-scale-for-arm.patch.
      Upstream has removed arch-specific timeout scale heuristics.
      See https://github.com/golang/go/issues/57117
      We can move the setting to dh-golang.
    + 0004-skip-userns-test-in-schroot-as-well.patch.
      Now the tests doesn't hardcode chroot types.
      See https://github.com/golang/go/commit/09267142

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 20 Jun 2023 17:39:49 +0800

golang-1.20 (1.20.5-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.20.5
    + CVE-2023-29402: cmd/go: cgo code injection
    + CVE-2023-29403: runtime: unexpected behavior of setuid/setgid binaries
    + CVE-2023-29404/CVE-2023-29405: cmd/go: improper sanitization of LDFLAGS

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 07 Jun 2023 12:05:11 +0800

golang-1.20 (1.20.4-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.20.4
    + CVE-2023-24539: html/template: improper sanitization of CSS values
    + CVE-2023-24540: html/template: improper handling of JavaScript whitespace
    + CVE-2023-29400: html/template: improper handling of empty HTML attributes

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 03 May 2023 14:56:49 +0800

golang-1.20 (1.20.3-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.20.3
    + CVE-2023-24537: go/parser: infinite loop in parsing
    + CVE-2023-24538: html/template: backticks not treated as string delimiters
    + CVE-2023-24534: net/http, net/textproto: denial of service from excessive
      memory allocation
    + CVE-2023-24536: net/http, net/textproto, mime/multipart: denial of
      service from excessive resource consumption

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 05 Apr 2023 02:04:08 +0800

golang-1.20 (1.20.2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.20.2
    + CVE-2023-24532: crypto/elliptic: incorrect P-256 ScalarMult and
      ScalarBaseMult results

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 08 Mar 2023 13:57:35 +0800

golang-1.20 (1.20.1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.20.1
    + CVE-2022-41722: path/filepath: path traversal in filepath.Clean on
      Windows
    + CVE-2022-41725: net/http, mime/multipart: denial of service from
      excessive resource consumption
    + CVE-2022-41724: crypto/tls: large handshake records may cause panics
    + CVE-2022-41723: net/http: avoid quadratic complexity in HPACK decoding

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 15 Feb 2023 09:53:55 +0800

golang-1.20 (1.20-1) unstable; urgency=medium

  * Team upload
  * New upstream release 1.20
  * Remove patches applied upstream:
    - d/patches/0005-Revert-internal-fsys-follow-root-symlink-in-fsys.Wal.patch
    - d/patches/0006-time-revert-strict-parsing-of-RFC-3339.patch

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Thu, 02 Feb 2023 13:54:15 +1300

golang-1.20 (1.20~rc3-2) unstable; urgency=medium

  * Team upload
  * Revert strict parsing of RFC 3339.
    See https://github.com/golang/go/issues/54580

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 19 Jan 2023 16:45:22 +0800

golang-1.20 (1.20~rc3-1) unstable; urgency=medium

  [ William 'jawn-smith' Wilson ]
  * New upstream version 1.20 rc3

  [ Shengjing Zhu ]
  * Drop 0005-syscall-skip-TestUseCgroupFD-if-cgroupfs-not-mounted.patch,
    merged in new version.

 -- Shengjing Zhu <zhsj@debian.org>  Fri, 13 Jan 2023 09:51:55 +0800

golang-1.20 (1.20~rc2-2) unstable; urgency=medium

  * Team upload
  * Add NO_PNG_PKG_MANGLE to prevent mangling testdata.
    This is Ubuntu specific behaviour so they can sync the package without
    vendor patch.
  * Revert "internal/fsys: follow root symlink in fsys.Walk"
    Fix https://github.com/golang/go/issues/57754

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 12 Jan 2023 22:27:08 +0800

golang-1.20 (1.20~rc2-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.20~rc2
  * Bump bootstrap Go to 1.17.
    See https://github.com/golang/go/issues/44505
  * Drop i386 bootstrap workaround with Go < 1.16
  * Add patch to skip TestUseCgroupFD for schroot
  * Update Standards-Version to 4.6.2 (no changes)
  * $GOROOT/pkg no longer stores pre-compiled package archives for the
    standard library
  * Make all scripts in src directory executable. To silence lintian.
  * Refresh lintian overrides

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 05 Jan 2023 16:01:28 +0800

golang-1.19 (1.19.4-1) unstable; urgency=medium

  * New upstream version 1.19.4
    + CVE-2022-41720: os, net/http: avoid escapes from os.DirFS and http.Dir
      on Windows
    + CVE-2022-41717: net/http: limit canonical header cache by bytes, not
      entries

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Tue, 06 Dec 2022 16:10:54 -0600

golang-1.19 (1.19.3-1) unstable; urgency=medium

  * New upstream version 1.19.3
    + CVE-2022-41716: syscall, os/exec: unsanitized NUL in environment variables
      On Windows, syscall.StartProcess and os/exec.Cmd did not properly check
      for invalid environment variable values. A malicious environment variable
      value could exploit this behavior to set a value for a different
      environment variable.

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Thu, 03 Nov 2022 08:39:47 -0500

golang-1.19 (1.19.2-1) unstable; urgency=medium

  * New upstream version 1.19.2
    + CVE-2022-2879: archive/tar: unbounded memory consumption when reading
      headers
    + CVE-2022-2880: net/http/httputil: ReverseProxy should not forward
      unparseable query parameters
    + CVE-2022-41715: regexp/syntax: limit memory used by parsing regexps

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Tue, 04 Oct 2022 15:23:25 -0500

golang-1.19 (1.19.1-1) unstable; urgency=medium

  * New upstream version 1.19.1

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Tue, 06 Sep 2022 14:58:49 -0500

golang-1.19 (1.19-1) unstable; urgency=medium

  * New upstream version 1.19
  * Update d/docs to reflect upstream removal of AUTHORS and CONTRIBUTORS

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Tue, 02 Aug 2022 15:35:20 -0500

golang-1.19 (1.19~rc2-1) unstable; urgency=medium

  * New upstream version 1.19 rc2

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Tue, 12 Jul 2022 18:32:28 -0500

golang-1.19 (1.19~rc1-1) unstable; urgency=medium

  * Team upload.
  * Update upstream signing key.
    Download from https://dl.google.com/dl/linux/linux_signing_key.pub
  * New upstream version 1.19~rc1
    + Fix boostrap with gccgo (Closes: #1014238)
  * Update Standards-Version to 4.6.1 (no changes)

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 07 Jul 2022 23:42:03 +0800

golang-1.19 (1.19~beta1-2) unstable; urgency=medium

  * Team upload.
  * Source-only upload for migration to testing

 -- Shengjing Zhu <zhsj@debian.org>  Sat, 02 Jul 2022 03:11:52 +0800

golang-1.19 (1.19~beta1-1) unstable; urgency=medium

  * New upstream version 1.19 beta1

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Fri, 10 Jun 2022 13:52:13 -0500

golang-1.18 (1.18.3-1) unstable; urgency=medium

  * New upstream version 1.18.3

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Wed, 01 Jun 2022 17:23:29 -0500

golang-1.18 (1.18.2-2) unstable; urgency=medium

  * d/p/0007-cmd-link-use-TOC-relative-trampolines-on-PPC64-when-.patch:
    Remove patch.  It's causing the build on ppc64el to FTBFS during link
    time.

 -- Sergio Durigan Junior <sergiodj@debian.org>  Sat, 14 May 2022 15:22:04 -0400

golang-1.18 (1.18.2-1) unstable; urgency=medium

  * New upstream version 1.18.2
  * d/p/0007-cmd-link-use-TOC-relative-trampolines-on-PPC64-when-.patch:
    Use TOC-relative trampolines on ppc64el when needed.  Fix link error
    when building PIE binaries. (Closes: #1010942)

 -- Sergio Durigan Junior <sergiodj@debian.org>  Fri, 13 May 2022 14:07:03 -0400

golang-1.18 (1.18.1-1) unstable; urgency=medium

  * New upstream version 1.18.1
    + CVE-2022-24675: encoding/pem: fix stack overflow in Decode
    + CVE-2022-28327: crypto/elliptic: tolerate all oversized scalars
      in generic P-256
    + CVE-2022-27536: crypto/x509: non-compliant certificates can
      cause a panic in Verify on macOS in Go 1.18

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Wed, 13 Apr 2022 12:54:36 -0500

golang-1.18 (1.18-1) unstable; urgency=medium

  * New upstream version 1.18

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Tue, 15 Mar 2022 14:59:19 -0500

golang-1.18 (1.18~rc1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.18~rc1

 -- Shengjing Zhu <zhsj@debian.org>  Fri, 18 Feb 2022 01:31:48 +0800

golang-1.18 (1.18~beta2-1) unstable; urgency=medium

  * New upstream version 1.18 beta2

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Mon, 31 Jan 2022 16:53:48 -0600

golang-1.18 (1.18~beta1-2) unstable; urgency=medium

  * Source-only upload for migration to testing

 -- Anthony Fok <foka@debian.org>  Thu, 13 Jan 2022 14:01:05 -0700

golang-1.18 (1.18~beta1-1) unstable; urgency=medium

  * New upstream version 1.18 beta1

 -- William 'jawn-smith' Wilson <jawn-smith@ubuntu.com>  Wed, 15 Dec 2021 16:07:48 -0600

golang-1.17 (1.17.5-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.17.5
    + CVE-2021-44716: net/http: limit growth of header canonicalization cache
    + CVE-2021-44717: syscall: don’t close fd 0 on ForkExec error

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 09 Dec 2021 23:22:36 +0800

golang-1.17 (1.17.4-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.17.4

 -- Shengjing Zhu <zhsj@debian.org>  Sat, 04 Dec 2021 01:32:29 +0800

golang-1.17 (1.17.3-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.17.3
    + CVE-2021-41771: debug/macho: invalid dynamic symbol table command
      can cause panic
    + CVE-2021-41772: archive/zip: Reader.Open panics on empty string

 -- Shengjing Zhu <zhsj@debian.org>  Sun, 07 Nov 2021 22:33:32 +0800

golang-1.17 (1.17.2-1) unstable; urgency=medium

  * Team upload.

  [ Anthony Fok ]
  * Fix Lintian warning: tab-in-license-text
    debian/copyright (starting at line 366)

  [ Shengjing Zhu ]
  * Ensure GOROOT_BOOTSTRAP is valid
  * Set GOPATH in d/rules.
    Seems the go command needs GOPATH env
  * New upstream version 1.17.2
    + CVE-2021-38297: When invoking functions from WASM modules, built using
      GOARCH=wasm GOOS=js, passing very large arguments can cause portions of
      the module to be overwritten with data from the arguments

 -- Shengjing Zhu <zhsj@debian.org>  Sat, 09 Oct 2021 01:23:05 +0800

golang-1.17 (1.17.1-1) unstable; urgency=high

  * New upstream version 1.17.1
    + CVE-2021-39293: security fix to the archive/zip package
      The fix for CVE-2021-33196 can be bypassed by crafted inputs.
      As a result, the NewReader and OpenReader functions in archive/zip
      can still cause a panic or an unrecoverable fatal error when reading
      an archive that claims to contain a large number of files,
      regardless of its actual size.
      Thanks to the OSS-Fuzz project for discovering this issue
      and to Emmanuel Odeke for reporting it.
    + bug fixes to the archive/zip, go/internal/gccgoimporter,
      html/template, net/http, and runtime/pprof packages
  * Re-add "Multi-Arch: foreign" hint
  * Rename Maintainer from "Go Compiler Team" to "Debian Go Compiler Team"
  * Bump Standards-Version to 4.6.0 (no change)

 -- Anthony Fok <foka@debian.org>  Fri, 10 Sep 2021 18:01:21 -0600

golang-1.17 (1.17-3) unstable; urgency=medium

  * Team upload.
  * Add missing generated buildcfg file (Closes: #993450)

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 02 Sep 2021 00:08:21 +0800

golang-1.17 (1.17-2) unstable; urgency=medium

  * Team upload.
  * Fix extracting go version for gccgo

 -- Shengjing Zhu <zhsj@debian.org>  Sun, 29 Aug 2021 01:16:12 +0800

golang-1.17 (1.17-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.17
  * Refresh patches, dropping
    0003-cmd-go-cmd-cgo-pass-mfp32-and-mhard-soft-float-to-MI.patch which was
    merged upstream.
  * Do not include the now-deleted favicon.ico in golang-1.17-doc.
  * Add one more arch-independent-package-contains-binary-or-object lintian
    suppression.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Tue, 17 Aug 2021 13:03:28 +1200

golang-1.16 (1.16.7-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.16.7
    + CVE-2021-36221: net/http: panic due to racy read of persistConn after
      handler panic

 -- Shengjing Zhu <zhsj@debian.org>  Fri, 06 Aug 2021 02:38:44 +0800

golang-1.16 (1.16.6-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.16.6
    + CVE-2021-34558: crypto/tls: clients can panic when provided a certificate
      of the wrong type for the negotiated parameters

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 13 Jul 2021 13:11:46 +0800

golang-1.16 (1.16.5-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.16.5
    + CVE-2021-33195: net: Lookup functions may return invalid host names
    + CVE-2021-33196: archive/zip: malformed archive may cause panic or memory
      exhaustion (Closes: #989492)
    + CVE-2021-33197: net/http/httputil: ReverseProxy forwards Connection
      headers if first one is empty
    + CVE-2021-33198: math/big: (*Rat).SetString with "1.770p02041010010011001001"
      crashes with "makeslice: len out of range"

 -- Shengjing Zhu <zhsj@debian.org>  Sat, 05 Jun 2021 19:03:59 +0800

golang-1.16 (1.16.4-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.16.4
    Fix CVE-2021-31525 net/http: ReadRequest can stack overflow due to
    recursion with very large headers

 -- Shengjing Zhu <zhsj@debian.org>  Sat, 08 May 2021 02:27:38 +0800

golang-1.16 (1.16.3-4) unstable; urgency=medium

  * Team upload.
  * Remove bootstrap dir after build. Otherwise tests fail

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 20 Apr 2021 02:05:56 +0800

golang-1.16 (1.16.3-3) unstable; urgency=medium

  * Team upload.
  * Drop mtime hack in postinst and d/rules
    https://github.com/golang/go/issues/3506#issuecomment-341310161
    > Essentially everything involved in this report has been rewritten.
    > The go command no longer cares about mtimes.
  * No need to remove src dir in golang-$(GOVER)-go package.
    It's not installed by golang-X.Y-go.dirs now
  * Update description and recommended way to use specified version (Closes: #985542)
  * Rebuild with go1.16.
    To build with GO386=softfloat, https://github.com/golang/go/issues/44500
  * Add Multi-Arch hint
  * Only build in -arch target again.
    Move generated source files to golang-1.16-go package
  * Not force gencontrol in dh_clean.
    Not needed after the new branch is created. And we need to add some
    Breaks/Replaces to d/control which should not be in next version
  * Remove GOCACHE before dh_install.
    So it is executed when build with nocheck as well

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 20 Apr 2021 00:46:07 +0800

golang-1.16 (1.16.3-2) unstable; urgency=medium

  * Team upload.
  * Also build package in indep target (Closes: #987126)
    As the -src package moved to arch all,
  * Build with empty GO386 env on i386 for now.
    It's no possible to build go1.16 with go1.15 with either
    GO386=softfloat or GO386=387.
    We can rebuild go1.16 with go1.16 and GO386=softfloat later.

 -- Shengjing Zhu <zhsj@debian.org>  Sun, 18 Apr 2021 17:27:43 +0800

golang-1.16 (1.16.3-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.16.3
    Fix CVE-2021-27918 CVE-2021-27919
  * Move golang-X.Y-src to arch all.
    The package doesn't contain arch specific source now.
  * Update golang-X.Y-doc package description.
    Most contents are removed by upstream in 1.16, which is moved to
    x/website repository. And the godoc binary is also shipped in
    golang-golang-x-tools now. So no longer recommend users to read doc
    with godoc. These html files can also be read in plain browsers.
  * Replace dpkg-parsechangelog with dpkg pkg-info.mk
  * Try to enable tests on armel and ppc64.
    No comments say why it doesn't work
  * Remove nocheck detection as debhelper respects it since compat 13
  * Remove override_dh_missing as fail-missing is default in compat 13

 -- Shengjing Zhu <zhsj@debian.org>  Sun, 18 Apr 2021 03:56:41 +0800

golang-1.16 (1.16-1) unstable; urgency=medium

  * New upstream version 1.16
  * debian/control{.in,}: Change Section from devel to golang
  * Add myself to Uploaders

 -- Anthony Fok <foka@debian.org>  Thu, 18 Feb 2021 00:02:53 -0700

golang-1.16 (1.16~rc1-1) unstable; urgency=medium

  * Team upload.
  * New upstream major version.
    - Drop 0004-cmd-dist-fix-build-failure-of-misc-cgo-test-on-arm64.patch
      which was replaced by https://go-review.googlesource.com/c/go/+/262357/
      and cherry-picked as b3f7f60 for go1.16 upstream
    - Refresh remaining patches
  * Update Standards-Version to 4.5.1, no changes needed

 -- Anthony Fok <foka@debian.org>  Mon, 08 Feb 2021 17:43:41 -0700

golang-1.15 (1.15.8-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.15.8
  * Skip userns tests in schroot.
    When schroot is using overlayfs, it fails to detect it as chroot.

 -- Shengjing Zhu <zhsj@debian.org>  Fri, 05 Feb 2021 20:51:44 +0800

golang-1.15 (1.15.7-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.15.7
    + crypto/elliptic: incorrect operations on the P-224 curve
      CVE-2021-3114

 -- Shengjing Zhu <zhsj@debian.org>  Sat, 23 Jan 2021 01:59:14 +0800

golang-1.15 (1.15.6-1) unstable; urgency=medium

  * Team upload.

  [ Balint Reczey ]
  * cmd/dist: increase default timeout scale for arm (LP: #1893640)

  [ Shengjing Zhu ]
  * New upstream version 1.15.6
  * Drop CGO_LDFLAGS patch, fixed in go1.15.6

 -- Shengjing Zhu <zhsj@debian.org>  Sun, 13 Dec 2020 18:27:59 +0800

golang-1.15 (1.15.5-2) unstable; urgency=medium

  * Team upload.
  * Backport patch to fix usability regression in go1.15.5
    cmd/go: allow flags in CGO_LDFLAGS environment variable not in security allowlist
    https://github.com/golang/go/issues/42567

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 18 Nov 2020 00:46:08 +0800

golang-1.15 (1.15.5-1) unstable; urgency=medium

  * New upstream version 1.15.5.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Fri, 13 Nov 2020 09:40:16 +1300

golang-1.15 (1.15.4-1) unstable; urgency=medium

  * New upstream version 1.15.4.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Tue, 10 Nov 2020 10:48:51 +1300

golang-1.15 (1.15.2-1) unstable; urgency=medium

  * New upstream version 1.15.2.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 15 Sep 2020 09:51:42 +1200

golang-1.15 (1.15-2) unstable; urgency=medium

  * Team upload.
  * Backport fix for arm64 cgo test
    https://go-review.googlesource.com/c/go/+/237858

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 27 Aug 2020 13:44:43 +0800

golang-1.15 (1.15-1) unstable; urgency=medium

  * New upstream version 1.15

 -- Dr. Tobias Quathamer <toddy@debian.org>  Tue, 25 Aug 2020 19:59:24 +0200

golang-1.15 (1.15~rc2-1) unstable; urgency=medium

  * New upstream version 1.15~rc2
    - encoding/binary: ReadUvarint and ReadVarint can read an unlimited
      number of bytes from invalid inputs. CVE-2020-16845

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sun, 09 Aug 2020 16:12:45 +0200

golang-1.15 (1.15~rc1-1) unstable; urgency=medium

  [ Shengjing Zhu ]
  * Backport patches to fix the FPU ABI problems for mips32
    https://go-review.googlesource.com/c/go/+/237058/

  [ Dr. Tobias Quathamer ]
  * New upstream version 1.15~rc1
    - Refresh patches
    - net/http: Expect 100-continue panics in httputil.ReverseProxy.
      See https://github.com/golang/go/issues/34902, fixes CVE-2020-15586

 -- Dr. Tobias Quathamer <toddy@debian.org>  Mon, 03 Aug 2020 21:22:44 +0200

golang-1.15 (1.15~beta1-2) unstable; urgency=medium

  * Source-only upload.

 -- Dr. Tobias Quathamer <toddy@debian.org>  Wed, 17 Jun 2020 17:17:08 +0200

golang-1.15 (1.15~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Drop patch to fix FTBFS on $HOME managed with git, has been
      applied upstream.
    - Refresh remaining patches

 -- Dr. Tobias Quathamer <toddy@debian.org>  Mon, 15 Jun 2020 21:40:49 +0200

golang-1.14 (1.14.4-1) unstable; urgency=medium

  * New upstream version 1.14.4
    - Refresh patches

 -- Dr. Tobias Quathamer <toddy@debian.org>  Mon, 15 Jun 2020 21:19:41 +0200

golang-1.14 (1.14.3-2) unstable; urgency=medium

  * Increase the test timeout that made some builds succeed
    there on slow hardware (such as emulated riscv64).
    Thanks to Gianfranco Costamagna (Closes: #960759)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sat, 16 May 2020 14:32:28 +0200

golang-1.14 (1.14.3-1) unstable; urgency=medium

  * New upstream version 1.14.3
  * Use debhelper v13

 -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 15 May 2020 15:24:43 +0200

golang-1.14 (1.14.2-1) unstable; urgency=medium

  * New upstream version 1.14.2

 -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 10 Apr 2020 14:34:21 +0200

golang-1.14 (1.14.1-1) unstable; urgency=medium

  * New upstream version 1.14.1
    - Add new patch to fix FTBFS on $HOME managed with git.
      Thanks to Guillem Jover <gjover@sipwise.com> (Closes: #953276)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sat, 21 Mar 2020 14:01:31 +0100

golang-1.14 (1.14-2) unstable; urgency=medium

  * Fix FTBFS if built twice in a row.
    Some paths of autogenerated files have been changed upstream,
    so that the removal of those files after the build did no
    longer succeed.
    Thanks to Guillem Jover (Closes: #953277)
  * Update Standards-Version to 4.5.0, no changes needed

 -- Dr. Tobias Quathamer <toddy@debian.org>  Mon, 09 Mar 2020 14:00:39 +0100

golang-1.14 (1.14-1) unstable; urgency=medium

  * New upstream version 1.14

 -- Dr. Tobias Quathamer <toddy@debian.org>  Tue, 25 Feb 2020 21:33:50 +0100

golang-1.14 (1.14~rc1-1) unstable; urgency=medium

  * New upstream version 1.14~rc1
    - Fixes CVE-2020-7919
  * Add Breaks: dh-golang (<< 1.43~) to golang-go.
    Thanks to Pirate Praveen <praveen@onenetbeyond.org>
  * Update upstream's signing key
  * Add support for riscv64.
    Thanks to Aurelien Jarno <aurel32@debian.org> (Closes: #950517)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Wed, 05 Feb 2020 23:54:28 +0100

golang-1.14 (1.14~beta1-2) unstable; urgency=medium

  * Source-only upload.
  * Add two more lintian overrides for testdata

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 26 Dec 2019 20:11:44 +0100

golang-1.14 (1.14~beta1-1) unstable; urgency=medium

  * New upstream major version.

 -- Dr. Tobias Quathamer <toddy@debian.org>  Wed, 25 Dec 2019 21:27:46 +0100

golang-1.13 (1.13.5-1) unstable; urgency=medium

  * New upstream version 1.13.5

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 05 Dec 2019 12:27:21 +0100

golang-1.13 (1.13.4-1) unstable; urgency=medium

  * New upstream version 1.13.4
    - Refresh patches

 -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 01 Nov 2019 21:07:16 +0100

golang-1.13 (1.13.3-1) unstable; urgency=medium

  * New upstream version 1.13.3
    - Refresh patch
    - crypto/dsa: invalid public key causes panic in dsa.Verify.
      Fixes CVE-2019-17596. Closes: #942628
  * Update Standards-Version to 4.4.1, no changes needed

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sat, 19 Oct 2019 13:30:36 +0200

golang-1.13 (1.13.1-1) unstable; urgency=medium

  * New upstream version 1.13.1
    - net/textproto: don't normalize headers with spaces before the colon.
      Fixes CVE-2019-16276. See https://github.com/golang/go/issues/34541
      and Debian bug #941173

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 26 Sep 2019 11:32:14 +0200

golang-1.13 (1.13-1) unstable; urgency=medium

  * New upstream version 1.13
    - Refresh patch
  * Set pristine-tar for gbp to False

 -- Dr. Tobias Quathamer <toddy@debian.org>  Wed, 04 Sep 2019 11:28:07 +0200

golang-1.13 (1.13~rc2-1) unstable; urgency=medium

  * New upstream version 1.13~rc2
    - Remove patch for CVE-2019-9512 and CVE-2019-9514,
      has been applied upstream

 -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 30 Aug 2019 13:29:21 +0200

golang-1.13 (1.13~rc1-2) unstable; urgency=medium

  * Exclude testdata from dh_makeshlibs.
    Otherwise, the build fails at least on armel and armhf.
  * Apply changes from cme fix dpkg
  * Set Rules-Requires-Root: no

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 22 Aug 2019 15:21:10 +0200

golang-1.13 (1.13~rc1-1) unstable; urgency=medium

  * New upstream version 1.13~rc1
    - Remove patch for CVE-2019-14809, has been applied upstream
  * Use dh_missing instead of deprecated dh_install --fail-missing
  * Do not run dh_dwz, there is no debugging information
  * Use debhelper-compat (= 12)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 22 Aug 2019 12:48:15 +0200

golang-1.13 (1.13~beta1-3) unstable; urgency=high

  * Fix Denial of Service vulnerabilities in the HTTP/2 implementation.
    https://github.com/golang/go/issues/33631
    CVE-2019-9512, CVE-2019-9514. Closes: #934955
  * Fix multiple Parsing Issues in URL.Parse
    https://github.com/golang/go/issues/29098
    CVE-2019-14809. Closes: #934954

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sat, 17 Aug 2019 23:47:53 +0200

golang-1.13 (1.13~beta1-2) unstable; urgency=medium

  * Set GOCACHE to fix a FTBFS. (See bug #933958)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 09 Aug 2019 16:40:13 +0200

golang-1.13 (1.13~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Remove Reproducible-BUILD_PATH_PREFIX_MAP.patch.
      This patch is finally no longer needed with Go 1.13.
      Upstream has implemented a new flag "-trimpath" for the
      command "go build" which either strips the path or
      replaces it in the resulting binaries.
      References:
      https://github.com/golang/go/issues/16860
      https://go-review.googlesource.com/c/go/+/173345/
      https://go-review.googlesource.com/c/go/+/173344/
    - Remove arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch.
      This patch has been cherry-picked from upstream and is now included.
    - Refresh remaining patches
    - Fix lintian warning: make scripts executable
  * Switch to debhelper-compat, but stay at v11 for now

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 01 Aug 2019 14:21:51 +0200

golang-1.12 (1.12.7-1) unstable; urgency=medium

  * New upstream version 1.12.7
    - Refresh patches
  * Update Standards-Version to 4.4.0, no changes needed

 -- Dr. Tobias Quathamer <toddy@debian.org>  Tue, 09 Jul 2019 14:19:07 +0200

golang-1.12 (1.12.5-1) unstable; urgency=medium

  * New upstream version 1.12.5

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 09 May 2019 22:34:40 +0200

golang-1.12 (1.12.4-1) unstable; urgency=medium

  [ Anthony Fok ]
  * Add /usr/lib/go-X.Y/{api,misc} symlinks.
    For example, programs such as https://github.com/vugu/vugu and
    documentation such as https://github.com/golang/go/wiki/WebAssembly
    expect to find wasm_exec.js at "$(go env GOROOT)/misc/wasm/wasm_exec.js".

  [ Dr. Tobias Quathamer ]
  * New upstream version 1.12.4
  * Add five lintian overrides for false positives

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sat, 13 Apr 2019 14:09:40 +0200

golang-1.12 (1.12.1-1) unstable; urgency=medium

  * New upstream version 1.12.1
  * Use upstream signing key for tarball verification

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sun, 17 Mar 2019 21:56:32 +0100

golang-1.12 (1.12-1) unstable; urgency=medium

  * New upstream version 1.12
    - Remove patch 0005-Fix-CVE-2019-6486, applied upstream

 -- Dr. Tobias Quathamer <toddy@debian.org>  Tue, 26 Feb 2019 21:31:48 +0100

golang-1.12 (1.12~beta2-2) unstable; urgency=medium

  * Refresh patch Reproducible BUILD_PATH_PREFIX_MAP.
    Thanks to Michael Stapelberg!
  * Add patch to fix CVE-2019-6486. (Closes: #920548)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sun, 27 Jan 2019 20:05:59 +0100

golang-1.12 (1.12~beta2-1) unstable; urgency=medium

  * New upstream version 1.12~beta2
    - Remove two patches, applied upstream. Refresh remaining patch.

 -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 11 Jan 2019 17:14:43 +0100

golang-1.12 (1.12~beta1-4) unstable; urgency=medium

  * Switch watch file to version 4
  * Update d/copyright

 -- Dr. Tobias Quathamer <toddy@debian.org>  Mon, 07 Jan 2019 23:06:22 +0100

golang-1.12 (1.12~beta1-3) unstable; urgency=medium

  [ Anthony Fok ]
  * Add patch "unix: fix Fstatat by using fillStat_t on linux/mips64x"
    This fixes the "Fstatat: returned stat does not match Stat/Lstat"
    errors detected by TestFstatat.
    See https://go-review.googlesource.com/c/sys/+/155747

  [ Dr. Tobias Quathamer ]
  * Add another lintian override

 -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 28 Dec 2018 23:06:20 +0100

golang-1.12 (1.12~beta1-2) unstable; urgency=medium

  [ Anthony Fok ]
  * Add patch "cmd/compile: fix MIPS SGTconst-with-shift rules"
    by Cherry Zhang.  This fixes the root problem behind the
    "slice bounds out of range" build error seen in 1.11.4
    on mips and mipsel architectures.
    See https://go-review.googlesource.com/c/go/+/155798
  * Bump Standards-Version to 4.3.0 (no change)

  [ Dr. Tobias Quathamer ]
  * Do not compress favicon.ico.
    Thanks to Dato Simó <dato@debian.org> (Closes: #917132)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Wed, 26 Dec 2018 23:20:03 +0100

golang-1.12 (1.12~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Refresh patches
    - Add new patch to disable test for UserHomeDir
  * Switch team address to tracker.d.o
  * Add another lintian override for a false positive

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 20 Dec 2018 12:51:49 +0100

golang-1.11 (1.11.4-1) unstable; urgency=medium

  * New upstream version 1.11.4
  * Make lintian override agnostic of golang version

 -- Dr. Tobias Quathamer <toddy@debian.org>  Sun, 16 Dec 2018 13:48:52 +0100

golang-1.11 (1.11.3-1) unstable; urgency=medium

  * New upstream version 1.11.3
    - Refresh patches
  * Update gbp.conf to new style syntax
  * Suggest brz as alternative to bzr; it provides the same command-line API.
  * Add myself to Uploaders

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 13 Dec 2018 23:23:40 +0100

golang-1.11 (1.11.2-2) unstable; urgency=medium

  * d/patches/arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch:
    backport workaround for objdump's support of newer mnemonics on arm64.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Mon, 26 Nov 2018 13:24:37 +1300

golang-1.11 (1.11.2-1) unstable; urgency=medium

  * Team upload.

  [ Michael Hudson-Doyle ]
  * New upstream major version.
  * Update debhelper compat level to 11.
  * Remove GOCACHE files after running tests.
  * Stop dh_strip_nondeterminism from looking at testdata directories.

  [ Dr. Tobias Quathamer ]
  * Build-Depend on debhelper v11
  * Override two false positive Lintian errors (missing depends
    on sensible-utils)
  * Add Lintian overrides for testdata
  * Include /usr/share/dpkg/architecture.mk for DEB_HOST_ARCH
  * Refresh patch for new upstream version
  * Fix Lintian warnings about wrong interpreter path
  * Make two scripts executable which have been missed by upstream
  * Remove three unneeded lintian overrides
  * Use HTTPS URL for d/watch
  * Update to Standards-Version 4.2.1
    - Use HTTPS for d/copyright
  * Update d/copyright

 -- Dr. Tobias Quathamer <toddy@debian.org>  Tue, 20 Nov 2018 22:51:44 +0100

golang-1.10 (1.10.3-1) unstable; urgency=medium

  * New upstream version 1.10.3
  * Restore changelog entry for 1.10.1-3, and fix that for 1.10.2-1, oops.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Thu, 14 Jun 2018 14:55:58 +1200

golang-1.10 (1.10.2-1) unstable; urgency=medium

  * New upstream version 1.10.2.
    - d/patches/0003-Backport_nopie_fix.patch: removed, now included upstream.
    - d/patches/0004-Backport_mips_octeon3_fp_fix.patch: removed, also included
      upstream.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Wed, 23 May 2018 15:24:03 +1200

golang-1.10 (1.10.1-3) unstable; urgency=high

  * Team upload.

  [ Michael Hudson-Doyle ]
  * Install the 'misc' and 'api' directories as part of the golang-1.10-src
    package as some tools (vgo, go tool trace) expect them to be there.
    (Closes: 894992¸ LP: #1743598)

  [ Martín Ferrari ]
  * Backport fix for FP bug in mips/Octeon III. Closes: #892088. Raising
    severity.

 -- Martín Ferrari <tincho@debian.org>  Sun, 22 Apr 2018 21:21:05 +0000

golang-1.10 (1.10.1-2) unstable; urgency=medium

  * Team upload.
  * Backport patch that fixes FTBFS in arm64.
  * debian/copyright: Update attribution.
  * debian/source: Update lintian-overrides.

 -- Martín Ferrari <tincho@debian.org>  Wed, 18 Apr 2018 15:38:49 +0000

golang-1.10 (1.10.1-1) unstable; urgency=medium

  * New upstream version 1.10.1.
  * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: update patch tags
    to reference upstream discussion of this topic.
  * d/control, d/control.in: Update Vcs-* to point to salsa.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Tue, 03 Apr 2018 15:34:12 +1200

golang-1.10 (1.10-1) unstable; urgency=medium

  * New upstream version 1.10

 -- Michael Stapelberg <stapelberg@debian.org>  Sat, 17 Feb 2018 12:57:14 +0100

golang-1.10 (1.10~rc2-1) unstable; urgency=medium

  * New upstream version, fixing CVE-2018-6574.
  * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch,
    d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch,
    d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
    removed, now included upstream.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Thu, 08 Feb 2018 10:46:52 +1300

golang-1.10 (1.10~rc1-2) unstable; urgency=medium

  * d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
    Backport from upstream to fix build issues on armhf (causes ftbfs on
    Ubuntu but not Debian for some reason, but could produce broken binaries
    on Debian too).

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Wed, 07 Feb 2018 22:10:22 +1300

golang-1.10 (1.10~rc1-1) unstable; urgency=medium

  * New upstream version 1.10~rc1.
  * d/patches/0004-cmd-dist-use-buildmode-pie-for-pie-testing.patch,
    d/patches/0006-misc-cgo-testcarchive-use-no-pie-where-needed.patch,
    d/patches/0003-Do-not-use-SP-as-index-reg.patch: removed, included upstream.
  * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: refreshed.
  * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch:
    Add to fix test failure in chroot.
  * d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch:
    Add to fix test failure when $HOME is not writable.
  * d/rules: Set GOCACHE to "off" during build to avoid shipping cache files.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Wed, 31 Jan 2018 14:46:12 +1300

golang-1.9 (1.9.2-4) unstable; urgency=medium

  * Enable building on mips, mipsel and mips64. (Closes: 879764)

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Fri, 08 Dec 2017 14:09:24 +1300

golang-1.9 (1.9.2-3) unstable; urgency=medium

  * Remove workaround for now fixed debhelper bug #879762
  * Backport three patches from upstream to fix ftbfs on ppc64el with new kernel.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Tue, 31 Oct 2017 12:16:17 +1300

golang-1.9 (1.9.2-2) unstable; urgency=medium

  [ Martín Ferrari ]
  * Add debian/patches/0003-Do-not-use-SP-as-index-reg.patch (Closes: #877541)

 -- Michael Stapelberg <stapelberg@debian.org>  Fri, 27 Oct 2017 08:55:32 +0200

golang-1.9 (1.9.2-1) unstable; urgency=medium

  * New upstream version 1.9.2
  * Work around debhelper bug #879762

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Thu, 26 Oct 2017 13:46:40 +1300

golang-1.9 (1.9.1-2) unstable; urgency=medium

  * Update debian/copyright (Closes: #873740)

 -- Michael Stapelberg <stapelberg@debian.org>  Mon, 09 Oct 2017 18:03:49 +0200

golang-1.9 (1.9.1-1) unstable; urgency=medium

  * New upstream release.
  * Use my @debian.org address in Uploaders.

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Fri, 06 Oct 2017 13:04:46 +1300

golang-1.9 (1.9-1) unstable; urgency=medium

  [ Michael Hudson-Doyle ]
  * New upstream release.
  * Suppress some new lintian errors in golang-1.9-src.

  [ Michael Stapelberg ]
  * Add debian/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Wed, 30 Aug 2017 16:31:09 +1200

golang-1.8 (1.8.3-1) unstable; urgency=medium

  * New upstream release. (Closes: 863292, 863307)

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 01 Jun 2017 21:06:00 +1200

golang-1.8 (1.8.1-1) unstable; urgency=medium

  * New upstream release.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 10 Apr 2017 13:29:28 +1200

golang-1.8 (1.8-1) unstable; urgency=medium

  * New upstream release.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 02 Mar 2017 10:11:55 +1300

golang-1.8 (1.8~rc3-1) unstable; urgency=medium

  * New upstream release.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 27 Jan 2017 10:23:56 +1300

golang-1.8 (1.8~rc2-1) unstable; urgency=medium

  * New upstream release.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 20 Jan 2017 12:15:27 +1300

golang-1.8 (1.8~rc1-1) unstable; urgency=medium

  * New upstream release.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 16 Jan 2017 15:51:54 +1300

golang-1.8 (1.8~beta2-1) unstable; urgency=medium

  * New upstream release.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 20 Dec 2016 14:19:55 +1300

golang-1.8 (1.8~beta1-1) unstable; urgency=medium

  * New upstream release.
  * Remove d/patches/cl-29995--tzdata-2016g.patch, included upstream.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Wed, 07 Dec 2016 17:38:57 -0800

golang-1.7 (1.7.4-1) unstable; urgency=medium

  * Update to 1.7.4 upstream release (Closes: #846545)
    - https://groups.google.com/d/topic/golang-announce/2lP5z9i9ySY/discussion
    - https://golang.org/issue/17965 (potential DoS vector in net/http)
    - https://github.com/golang/go/compare/go1.7.3...go1.7.4

 -- Tianon Gravi <tianon@debian.org>  Fri, 02 Dec 2016 13:30:36 -0800

golang-1.7 (1.7.3-1) unstable; urgency=medium

  * New upstream release.
  * Delete d/patches/cl-28850.patch, applied upstream.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 20 Oct 2016 09:10:47 +1300

golang-1.7 (1.7.1-3) unstable; urgency=medium

  * Backport CL 29995 for tzdata 2016g changes (Closes: #839317)

 -- Tianon Gravi <tianon@debian.org>  Mon, 03 Oct 2016 15:12:28 -0700

golang-1.7 (1.7.1-2) unstable; urgency=medium

  * Add upstream patch for s390x FTBFS

 -- Tianon Gravi <tianon@debian.org>  Mon, 12 Sep 2016 09:32:10 -0700

golang-1.7 (1.7.1-1) unstable; urgency=medium

  * New upstream release.
  * Re-enable tests on s390x now that gcc-6 has been fixed in unstable.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 08 Sep 2016 13:04:33 +1200

golang-1.7 (1.7-3) unstable; urgency=medium

  * Add "s390x" to Architectures

 -- Tianon Gravi <tianon@debian.org>  Tue, 23 Aug 2016 07:35:16 -0700

golang-1.7 (1.7-2) unstable; urgency=medium

  * Disable tests on armel.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 16 Aug 2016 15:18:07 +1200

golang-1.7 (1.7-1) unstable; urgency=medium

  * New upstream release.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 16 Aug 2016 11:37:34 +1200

golang-1.7 (1.7~rc4-1) unstable; urgency=medium

  * New upstream release.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 02 Aug 2016 15:10:22 +1200

golang-1.7 (1.7~rc3-1) unstable; urgency=medium

  [ Tianon Gravi ]
  * Remove outdated README files (README.source and README.Debian)

  [ Michael Hudson-Doyle ]
  * New upstream release.
  * Suppress inaccurate source-is-missing lintian warnings.
  * Update Standards-Version to 3.9.8 (no changes required).

 -- Tianon Gravi <tianon@debian.org>  Mon, 11 Jul 2016 18:31:57 -0700

golang-1.7 (1.7~rc2-1) unstable; urgency=medium

  * Update to 1.7rc2 upstream release.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 19 Jul 2016 14:40:14 +1200

golang-1.7 (1.7~rc1-1) unstable; urgency=medium

  [ Paul Tagliamonte ]
  * Use a secure transport for the Vcs-Git and Vcs-Browser URL

  [ Tianon Gravi ]
  * Update to 1.7rc1 upstream release (new packages, not used by default; see
    also src:golang-defaults)
  * Update Vcs-Git to reference a particular branch

 -- Tianon Gravi <tianon@debian.org>  Mon, 11 Jul 2016 16:10:12 -0700

golang-1.6 (1.6.2-2) unstable; urgency=medium

  * Update "golang-any" in "Build-Depends" to fallback to "golang-go | gccgo"
    (will help with backporting)

 -- Tianon Gravi <tianon@debian.org>  Thu, 23 Jun 2016 20:01:00 -0700

golang-1.6 (1.6.2-1) unstable; urgency=medium

  * Update to 1.6.2 upstream release (Closes: #825696)
  * Build-Depend on golang-any instead of golang-go (Closes: #824421)

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 03 Jun 2016 07:50:44 -0700

golang-1.6 (1.6.1-1) unstable; urgency=medium

  * Build golang version-specific packages (Closes: #818415)
  * Things that (conceptually at least) move to new golang version independent
    golang-defaults source package:
    - Man pages.
    - Suggesting golang-golang-x-tools.
    - Breaks/Replace-ing of old golang-go-$GOOS-$GOARCH packages.
  * Stop using alternatives to manage /usr/bin/go.
  * sed trickery in debian/rules to support easy changes to new golang versions.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Wed, 01 Jun 2016 10:04:53 -0700

golang (2:1.6.1-2) unstable; urgency=medium

  * Don't strip testdata files, causes build failures on some platforms.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Wed, 13 Apr 2016 15:47:46 -0700

golang (2:1.6.1-1) unstable; urgency=medium

  [ Michael Hudson-Doyle ]
  * Breaks/Replaces: older golang-golang-x-tools, not Conflicts, to ensure
    smooth upgrades.
  * Strip the binaries as it has worked for the last five years or so and
    upstream sees no reason to disable it.

  [ Tianon Gravi ]
  * Update to 1.6.1 upstream release (Closes: #820369)
    - Fix CVE-2016-3959: infinite loop in several big integer routines

 -- Tianon Gravi <tianon@debian.org>  Tue, 12 Apr 2016 23:06:43 -0700

golang (2:1.6-1) unstable; urgency=medium

  * Update to 1.6 upstream release (thanks Hilko!)
    - change "ar" arguments to quiet spurious warnings while using gccgo
      (Closes: #807138)
    - skip multicast listen test (Closes: #814849)
    - skip userns tests when chrooted (Closes: #807303)
    - use correct ELF header for armhf binaries (Closes: #734357)
    - Update debian/rules clean for new location of generated file.

  [ Michael Hudson-Doyle ]
  * Respect "nocheck" in DEB_BUILD_OPTIONS while building to skip tests
    (Closes: #807290)
  * Trim Build-Depends (Closes: #807299)
  * Fix several minor debian/copyright issues (Closes: #807304)
  * Remove inconsistently included race-built packages (Closes: #807294)

  [ Tianon Gravi ]
  * Add "-k" to "run.bash" invocation so that we do a full test run every time

 -- Tianon Gravi <tianon@debian.org>  Mon, 29 Feb 2016 16:10:32 -0800

golang (2:1.5.3-1) unstable; urgency=high

  * Update to 1.5.3 upstream release
    - Fix CVE-2015-8618: Carry propagation in Int.Exp Montgomery code in
      math/big library (Closes: #809168)
  * Add "Breaks" to properly complement our "Replaces" (Closes: #810595)

 -- Tianon Gravi <tianon@debian.org>  Thu, 14 Jan 2016 07:41:44 -0800

golang (2:1.5.2-1) unstable; urgency=medium

  * Update to 1.5.2 upstream release (Closes: #807136)

 -- Tianon Gravi <tianon@debian.org>  Tue, 05 Jan 2016 19:59:22 -0800

golang (2:1.5.1-4) unstable; urgency=medium

  * Add Conflicts to force newer golang-go.tools too (Closes: #803559)

 -- Tianon Gravi <tianon@debian.org>  Tue, 03 Nov 2015 21:57:54 -0800

golang (2:1.5.1-3) unstable; urgency=medium

  * Remove architecture qualification on golang-go Build-Depend now that
    golang-go is available for more architectures.

 -- Tianon Gravi <tianon@debian.org>  Thu, 29 Oct 2015 07:40:38 -0700

golang (2:1.5.1-2) unstable; urgency=medium

  * Add Conflicts to force newer golang-golang-x-tools (Closes: #802945).

 -- Tianon Gravi <tianon@debian.org>  Tue, 27 Oct 2015 13:28:56 -0700

golang (2:1.5.1-1) unstable; urgency=medium

  * Upload to unstable.
  * Update to 1.5.1 upstream release (see notes from experimental uploads for
    what's changed).
  * Skip tests on architectures where the tests fail.

 -- Tianon Gravi <tianon@debian.org>  Sat, 24 Oct 2015 10:22:02 -0700

golang (2:1.4.3-3) unstable; urgency=medium

  * Fix FTBFS for non-amd64 architectures due to handling of "-race".

 -- Tianon Gravi <tianon@debian.org>  Mon, 05 Oct 2015 02:04:07 -0700

golang (2:1.5.1-1~exp2) experimental; urgency=medium

  * Upload to experimental.
  * Add arch-qualifiers to "golang-go" build-depends to unblock the buildds
    (Closes: #800479); thanks Tim!

 -- Tianon Gravi <tianon@debian.org>  Wed, 30 Sep 2015 11:19:26 -0700

golang (2:1.4.3-2) unstable; urgency=medium

  * Update Recommends/Suggests, especially to add gcc, etc.
  * Refactor "debian/rules" to utilize debhelper more effectively, especially
    for arch vs indep building (mostly backported from the 1.5+ changes), which
    fixes the "arch:all" FTBFS.

 -- Tianon Gravi <tianon@debian.org>  Sun, 27 Sep 2015 22:06:07 -0700

golang (2:1.5.1-1~exp1) experimental; urgency=low

  * Upload to experimental.
  * Update to 1.5.1 upstream release (Closes: #796150).
    - Compiler and runtime written entirely in Go.
    - Concurrent garbage collector.
    - GOMAXPROCS=runtime.NumCPU() by default.
    - "internal" packages for all, not just core.
    - Experimental "vendoring" support.
    - Cross-compilation no longer requires a complete rebuild of the stdlib in
      GOROOT, and thus the golang-go-GOHOST-GOARCH packages are removed.
  * Sync debian/copyright with the Ubuntu delta. (thanks doko!)
  * Remove patches that no longer apply.
  * Add more supported arches to "debian/rules" code for detecting
    appropriate GOARCH/GOHOSTARCH values; thanks mwhudson and tpot!
    (Closes: #799907)
  * Refactor "debian/rules" to utilize debhelper more effectively, especially
    for arch vs indep building.
  * Move "dpkg-architecture" to "GOOS"/"GOARCH" code into a simple shell script
    for easier maintenance.

 -- Tianon Gravi <tianon@debian.org>  Fri, 25 Sep 2015 14:36:53 -0700

golang (2:1.4.3-1) unstable; urgency=medium

  * New upstream version (https://golang.org/doc/devel/release.html#go1.4.minor)
    - includes previous CVE and non-CVE security fixes, especially
      TEMP-0000000-1C4729

 -- Tianon Gravi <tianon@debian.org>  Fri, 25 Sep 2015 00:02:31 -0700

golang (2:1.4.2-4) unstable; urgency=high

  * Apply backported CVE fixes (Closes: #795106).
    - CVE-2015-5739: Invalid headers are parsed as valid headers
    - CVE-2015-5740: RFC 7230 3.3.3 4 violation
    - CVE-2015-5741: other discoveries of security-relevant RFC 7230 violations

 -- Tianon Gravi <tianon@debian.org>  Mon, 14 Sep 2015 12:27:57 -0700

golang (2:1.4.2-3) unstable; urgency=medium

  * Add missing "prerm" for our new alternatives (thanks piuparts).

 -- Tianon Gravi <admwiggin@gmail.com>  Tue, 05 May 2015 17:38:37 -0600

golang (2:1.4.2-2) unstable; urgency=medium

  * Move "go" and "gofmt" into "/usr/lib/go" and use alternatives to provide
    appropriate symlinks (Closes: #779503, #782301).
  * Relax "golang-go.tools" relationship to Suggests (from Recommends).
  * Add "go get" VCS options to Suggests for golang-go (bzr, git, mercurial,
    subversion).

 -- Tianon Gravi <admwiggin@gmail.com>  Tue, 05 May 2015 00:37:53 -0600

golang (2:1.4.2-1) unstable; urgency=medium

  * New upstream version
    (https://golang.org/doc/devel/release.html#go1.4.minor)

 -- Tianon Gravi <admwiggin@gmail.com>  Sat, 02 May 2015 10:06:34 -0600

golang (2:1.4.1-1~exp1) experimental; urgency=low

  * New upstream version (https://golang.org/doc/go1.4)
    - all editor support files have been removed from misc/ upstream upstream,
      so golang-mode, kate-syntax-go, and vim-syntax-go can no longer be
      provided; see https://github.com/golang/go/wiki/IDEsAndTextEditorPlugins
      for an upstream-maintained list of potential replacements

 -- Tianon Gravi <admwiggin@gmail.com>  Fri, 16 Jan 2015 00:52:10 -0500

golang (2:1.3.3-1) unstable; urgency=medium

  * New upstream version (https://code.google.com/p/go/source/list?name=go1.3.3)
    - time: removed from tests now obsolete assumption about Australian tz
      abbreviations
    - net: temporarily skip TestAcceptIgnoreSomeErrors
    - runtime: hide cgocallback_gofunc calling cgocallbackg from linker
    - runtime: fix GOTRACEBACK reading on Windows, Plan 9
    - nacltest.bash: unset GOROOT
    - cmd/5l, cmd/6l, cmd/8l: fix nacl binary corruption bug
  * Add Paul and myself as uploaders. Many, many thanks to Michael for his work
    so far on this package (and hopefully more to come).

 -- Tianon Gravi <admwiggin@gmail.com>  Fri, 12 Dec 2014 16:11:02 -0500

golang (2:1.3.2-1) unstable; urgency=medium

  * New upstream version

 -- Michael Stapelberg <stapelberg@debian.org>  Fri, 26 Sep 2014 23:21:45 +0200

golang (2:1.3.1-1) unstable; urgency=medium

  * New upstream version

 -- Michael Stapelberg <stapelberg@debian.org>  Wed, 13 Aug 2014 09:15:58 +0200

golang (2:1.3-4) unstable; urgency=medium

  [ Tianon Gravi ]
  * update debian/watch for upstream's latest move (Closes: #756415)
  * backport archive/tar patch to fix PAX headers (Closes: #756416)

 -- Michael Stapelberg <stapelberg@debian.org>  Sat, 02 Aug 2014 21:02:24 +0200

golang (2:1.3-3) unstable; urgency=medium

  * don’t depend on emacs23, depend on emacs instead (Closes: #754013)
  * install include/ in golang-src, VERSION in golang-go (Closes: #693186)

 -- Michael Stapelberg <stapelberg@debian.org>  Mon, 07 Jul 2014 08:30:50 +0200

golang (2:1.3-2) unstable; urgency=medium

  * Add /usr/lib/go/test symlink
  * Build with GO386=387 to favor the 387 floating point unit over sse2
    instructions (Closes: #753160)
  * Add debian/patches/0001-backport-delete-whole-line.patch to fix a
    deprecation warning about flet in the emacs part of golang-mode
    (Closes: #753607)
  * Migrate to emacsen >2 (Closes: #753607)
  * Backport two patches to improve archive/tar performance (for docker):
    debian/patches/0002-archive-tar-reuse-temporary-buffer-in-writeHeader.patch
    debian/patches/0003-archive-tar-reuse-temporary-buffer-in-readHeader.patch

 -- Michael Stapelberg <stapelberg@debian.org>  Thu, 03 Jul 2014 23:33:46 +0200

golang (2:1.3-1) unstable; urgency=medium

  * New upstream version.
  * Drop patches merged upstream:
    - debian/patches/add-tar-xattr-support.patch
    - debian/patches/add-tar-xattr-support.patch
  * Fix debian/watch (Thanks Tianon) (Closes: #748290)
  * Remove dangling symlink /usr/lib/go/lib/godoc (Closes: #747968)

 -- Michael Stapelberg <stapelberg@debian.org>  Thu, 19 Jun 2014 09:23:36 +0200

golang (2:1.2.1-2) unstable; urgency=low

  * Re-apply debian/patches/add-tar-xattr-support.patch which got lost when
    uploading 1.2.1-1; sorry about that.

 -- Michael Stapelberg <stapelberg@debian.org>  Sat, 08 Mar 2014 20:01:12 +0100

golang (2:1.2.1-1) unstable; urgency=low

  * New upstream release.

 -- Michael Stapelberg <stapelberg@debian.org>  Mon, 03 Mar 2014 17:40:57 +0100

golang (2:1.2-3) unstable; urgency=low

  * add debian/patches/add-tar-xattr-support.patch to have xattr support in
    tar (cherry-picked from upstream) (Thanks proppy) (Closes: #739586)

 -- Michael Stapelberg <stapelberg@debian.org>  Mon, 24 Feb 2014 19:34:16 +0100

golang (2:1.2-2) unstable; urgency=low

  * add patches/add-src-pkg-debug-elf-testdata-hello.patch to provide source
    for the testdata/ ELF binaries (Closes: #716853)

 -- Michael Stapelberg <stapelberg@debian.org>  Tue, 31 Dec 2013 18:28:29 +0100

golang (2:1.2-1) unstable; urgency=low

  * New upstream release.
  * drop patches/archive-tar-fix-links-and-pax.patch, it is merged upstream
  * godoc(1) is now in the Debian package golang-go.tools, it was moved into a
    separate repository by upstream.
  * move patches/godoc-symlinks.diff to golang-go.tools

 -- Michael Stapelberg <stapelberg@debian.org>  Mon, 02 Dec 2013 23:57:24 +0100

golang (2:1.1.2-3) unstable; urgency=low

  * cherry-pick upstream commit: archive-tar-fix-links-and-pax.patch
    (Closes: #730566)

 -- Michael Stapelberg <stapelberg@debian.org>  Tue, 26 Nov 2013 18:59:27 +0100

golang (2:1.1.2-2) unstable; urgency=low

  * Build golang-go-linux-* for each architecture (Thanks James Page)
    (Closes: #719611)
  * Update lintian-overrides to override statically-linked-binary and
    unstripped-binary-or-object for all of golang-go

 -- Michael Stapelberg <stapelberg@debian.org>  Tue, 20 Aug 2013 08:13:40 +0200

golang (2:1.1.2-1) unstable; urgency=low

  * New upstream release.
  * Relicense debian/ under the Go license to match upstream. All copyright
    holders agreed to this. (Closes: #716907)
  * golang-mode: don’t install for a number of emacs versions which are not
    supported upstream (Thanks Kevin Ryde) (Closes: #702511, #717521)

 -- Michael Stapelberg <stapelberg@debian.org>  Tue, 13 Aug 2013 13:47:58 +0200

golang (2:1.1.1-4) unstable; urgency=low

  * Disable stripping, it breaks go binaries on some architectures. This drops
    the golang-dbg package which would be empty now. (Thanks Robie Basak)
    (Closes: #717172)

 -- Michael Stapelberg <stapelberg@debian.org>  Wed, 17 Jul 2013 19:15:18 +0200

golang (2:1.1.1-3) unstable; urgency=low

  * Ship */runtime/cgo.a in golang-go to ensure it is present. It can only be
    used on the native architecture anyway (cannot be used when
    cross-compiling), so having it in golang-go-$GOOS-$GOARCH is not
    necessary. Even worse, since these packages are arch: all, they will be
    built precisely once, and only the runtime/cgo.a for the buildd’s native
    arch will be present. (Closes: #715025)

 -- Michael Stapelberg <stapelberg@debian.org>  Thu, 11 Jul 2013 20:25:52 +0200

golang (2:1.1.1-2) unstable; urgency=low

  [ James Page ]
  * Ensure smooth upgrade path from << 2:1.1-2 (Closes: #714838)

 -- Michael Stapelberg <stapelberg@debian.org>  Wed, 03 Jul 2013 18:05:58 +0200

golang (2:1.1.1-1) unstable; urgency=low

  * Imported Upstream version 1.1.1

 -- Ingo Oeser <nightlyone@googlemail.com>  Fri, 14 Jun 2013 23:25:44 +0200

golang (2:1.1-2) unstable; urgency=low

  [ Ondřej Surý ]
  * Promote Michael to Maintainer

  [ Michael Stapelberg ]
  * Build golang-go-$GOOS-$GOARCH packages for cross-compiling (Closes: #710090)
  * Build race detector on linux/amd64 (only supported arch) (Closes: #710691)
  * Switch compression to xz (50% smaller binaries)

 -- Michael Stapelberg <stapelberg@debian.org>  Fri, 07 Jun 2013 23:18:09 +0200

golang (2:1.1-1) unstable; urgency=low

  * New upstream release: Go 1.1!
  * Remove the long obsolete goinstall debconf question and config file.
    goinstall does not exist anymore since a long time.
    This also obsoletes the need for any translations
    (Closes: #685923, #692478)
  * Emacs go-mode auto-mode-alist entry was fixed upstream (Closes: #670371)

 -- Michael Stapelberg <stapelberg@debian.org>  Tue, 14 May 2013 19:36:04 +0200

golang (2:1.1~hg20130405-1) experimental; urgency=low

  * Provide a new hg tip snapshot. This includes what was recently released as
    Go 1.1 beta.

 -- Michael Stapelberg <stapelberg@debian.org>  Fri, 05 Apr 2013 18:24:36 +0200

golang (2:1.1~hg20130323-1) experimental; urgency=low

  * Provide a new hg tip snapshot.
  * Add debian/watch (Closes: #699698)

 -- Michael Stapelberg <stapelberg@debian.org>  Sat, 23 Mar 2013 11:31:26 +0100

golang (2:1.1~hg20130304-2) experimental; urgency=low

  * Fix FTBFS of binary-arch only builds (as performed by buildds)
    caused by 'rm' not finding jquery.js in golang-doc
    (Thanks Peter Green)

 -- Michael Stapelberg <stapelberg@debian.org>  Tue, 05 Mar 2013 00:49:27 +0100

golang (2:1.1~hg20130304-1) experimental; urgency=low

  * Provide a hg tip snapshot (2013-03-04) in Debian experimental.
    Current hg tip is a good approximation to Go 1.1 and should get
    some testing within Debian in order to package Go 1.1 well when
    it is released. Thanks to Andrew Gerrand.

 -- Michael Stapelberg <stapelberg@debian.org>  Mon, 04 Mar 2013 21:28:58 +0100

golang (2:1.0.2-2) unstable; urgency=low

  * Add myself to uploaders, as discussed in #683421.
  * cherry-pick r820ffde8c396 (net/http: non-keepalive connections close
    successfully) (Closes: #683421)

 -- Michael Stapelberg <stapelberg@debian.org>  Thu, 02 Aug 2012 14:25:58 +0200

golang (2:1.0.2-1.1) unstable; urgency=low

  * Non-maintainer upload. (as discussed with Ondřej in #679692)
  * Fix godoc-symlinks.diff (godoc didn’t find docs) (Closes: #679692)

 -- Michael Stapelberg <stapelberg@debian.org>  Fri, 20 Jul 2012 17:59:38 +0200

golang (2:1.0.2-1) unstable; urgency=low

  [ Ondřej Surý ]
  * Imported Upstream version 1.0.2
  * Update Vcs fields to reflect new git repository location
  * Kill get-orig-source, since 1.0.0, the tarballs can be downloaded from
    webpage

  [ Michael Stapelberg ]
  * golang-mode: use debian-pkg-add-load-path-item (Closes: #664802)
  * add manpages (Closes: #632964)
  * Use updated pt.po from Pedro Ribeiro (Closes: #674958)

 -- Ondřej Surý <ondrej@sury.org>  Thu, 28 Jun 2012 12:14:15 +0200

golang (2:1.0.1-1) unstable; urgency=low

  * Imported Upstream version 1.0.1
  * Apply godoc patch to display package list correctly (Closes: #669354)

 -- Ondřej Surý <ondrej@debian.org>  Wed, 02 May 2012 15:44:59 +0200

golang (2:1-6) unstable; urgency=low

  * Merge upstream patch to fix homedir issue
    (http://code.google.com/p/go/source/detail?r=709120aecee0)
  * Disable GNU/KFreeBSD build (Closes: #668794)

 -- Ondřej Surý <ondrej@debian.org>  Wed, 18 Apr 2012 09:53:30 +0200

golang (2:1-5) unstable; urgency=low

  * Rewrite test conditions to make them more readable
    (and fix the debian/rules to really not check on armel+kfreebsd)
  * Patch upstream test to not fail on missing home directory

 -- Ondřej Surý <ondrej@debian.org>  Sun, 15 Apr 2012 12:35:53 +0200

golang (2:1-4) unstable; urgency=low

  * Disable tests on Debian GNU/KFreeBSD, they just hang now (Closes: #668794)
  * Disable tests on armel, but the invalid instruction needs fixing in
    upstream
  * Create fake home directory to pass the os/user test

 -- Ondřej Surý <ondrej@debian.org>  Sun, 15 Apr 2012 10:49:09 +0200

golang (2:1-3) unstable; urgency=high

  * Use VERSION provided by upstream for packaging purposes
  * Run tests as a part of a build process
  * Install full src tree (except pkg/debug) because go command depend
    on sources available
  * Install sources without testdata and *_test.go
  * Remove circular dependency golang-go->golang-doc->golang-go
  * Make sure that timestamp on installed binaries and libraries is same
    because go build/install recompiles everything if the go binary has
    more recent timestamp than libraries (Closes: #668235)
    + Need to update timestamps at postinst time because already created
      directories can have time in the past
  * Fix couple of lintian errors and warnings

 -- Ondřej Surý <ondrej@debian.org>  Wed, 11 Apr 2012 23:21:47 +0200

golang (2:1-2) unstable; urgency=low

  * Remove preserving of old -tools settings, there are too many options
    now anyway (Closes: #666007)

 -- Ondřej Surý <ondrej@debian.org>  Fri, 06 Apr 2012 16:52:13 +0200

golang (2:1-1) unstable; urgency=low

  * New major upstream release Go 1 (Closes: #666942)
  * Bumb epoch to 2, since 1 < 60 < 2011 (I wonder if next version will be 0 :)
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. (Closes: #663181)
  * [Debconf translation updates]
    + Pick existing translations from golang-weekly and do appropriate
      sed magic to fit golang templates. (Closes: #666884, #666880, #666881)
    + Dutch; (Jeroen Schot).  (Closes: #664598)
    + Czech (Michal Simunek).  (Closes: #665385)
    + Spanish; (Camaleón).  (Closes: #666177)
    + Danish (Joe Hansen).  (Closes: #666526)

 -- Ondřej Surý <ondrej@debian.org>  Fri, 06 Apr 2012 16:04:17 +0200

golang (1:60.3-2) unstable; urgency=low

  * debconf-gettextize package templates

 -- Ondřej Surý <ondrej@debian.org>  Mon, 20 Feb 2012 22:01:10 +0100

golang (1:60.3-1) unstable; urgency=low

  * Imported Upstream version 60.3

 -- Ondřej Surý <ondrej@debian.org>  Mon, 28 Nov 2011 08:46:18 +0100

golang (1:60.2-1) unstable; urgency=low

  * Imported Upstream version 60.2

 -- Ondřej Surý <ondrej@debian.org>  Thu, 06 Oct 2011 08:57:00 +0200

golang (1:60.1-1) unstable; urgency=low

  * Imported Upstream version 60.1

 -- Ondřej Surý <ondrej@debian.org>  Mon, 19 Sep 2011 10:18:12 +0200

golang (1:60-1) unstable; urgency=low

  * Imported Upstream version 60
  * Save upstream VERSION to the archive
  * Use GOVERSION as generated by src/version.bash on hg archive time
  * Add support for goinstall dashboard debconf question in the Debian
    packaging
  * Read goinstall dashboard option from debian configuration file
  * Remove 005-goinstall_dont_call_home_by_default.patch; replaced by
    configuration option
  * Fix directory name for upstream archive checkout

 -- Ondřej Surý <ondrej@debian.org>  Tue, 13 Sep 2011 13:13:59 +0200

golang (1:59-1) unstable; urgency=low

  * Imported Upstream version 59
  * Refresh patches to a new release
  * Fix FTBFS on ARM (Closes: #634270)
  * Update version.bash to work with Debian packaging and not hg
    repository

 -- Ondřej Surý <ondrej@debian.org>  Wed, 03 Aug 2011 17:04:59 +0200

golang (1:58.1-2) unstable; urgency=low

  * Install golang-doc package by default (Recommends from golang-tools,
    Depends from golang)

 -- Ondřej Surý <ondrej@debian.org>  Mon, 18 Jul 2011 09:13:43 +0200

golang (1:58.1-1) unstable; urgency=low

  * Imported Upstream version 58.1

 -- Ondřej Surý <ondrej@debian.org>  Wed, 13 Jul 2011 08:39:04 +0200

golang (1:58-1) unstable; urgency=low

  * Imported Upstream version 58
    + Add NEWS file with upstream API changes
  * Remove patch to not update standard package, fixed in upstream

 -- Ondřej Surý <ondrej@debian.org>  Thu, 30 Jun 2011 15:36:35 +0200

golang (1:57.2-1) unstable; urgency=low

  * Imported Upstream version 57.2
  * More spelling fixes (Closes: #630660)

 -- Ondřej Surý <ondrej@debian.org>  Thu, 16 Jun 2011 11:10:58 +0200

golang (1:57.1-4) unstable; urgency=low

  * Description update to have proper articles and capitalization
    (Closes: #630189)
  * Add extended description about Go being experimental and that the
    languager can change between releases

 -- Ondřej Surý <ondrej@debian.org>  Tue, 14 Jun 2011 21:38:11 +0200

golang (1:57.1-3) unstable; urgency=low

  * Fix "the Google's Go implementation" in extended description
    (Closes: #627814)
  * Update Vcs-* links
  * Install vim ftplugin files into correct directory (Closes: #629844)

 -- Ondřej Surý <ondrej@debian.org>  Thu, 09 Jun 2011 10:10:41 +0200

golang (1:57.1-2) unstable; urgency=low

  * Bump standards version to 3.9.2
  * Capitalize Kate (Closes: #627036)
  * Import slightly modified patch to be more clear about $GOPATH
    installs for non-root users
  * Remove don't install deps patch from goinstall; deprecated by
    $GOPATH installs

 -- Ondřej Surý <ondrej@debian.org>  Mon, 23 May 2011 11:07:11 +0200

golang (1:57.1-1) unstable; urgency=low

  * Add support for dot-minor releases
  * Imported Upstream version 57.1

 -- Ondřej Surý <ondrej@debian.org>  Mon, 16 May 2011 11:45:53 +0200

golang (1:57-3) unstable; urgency=low

  [ Florian Weimer ]
  * golang-tools: install gofix binary

  [ Ondřej Surý ]
  * Add lintian-overrides for gofix binary

 -- Ondřej Surý <ondrej@debian.org>  Sat, 07 May 2011 20:41:58 +0200

golang (1:57-2) unstable; urgency=low

  * Remove weekly code from debian/rules
  * Add golang meta-package
  * Don't create tool chain symlinks twice
  * Make debian/rules more generic for simpler sync between weekly
    and release branches

 -- Ondřej Surý <ondrej@debian.org>  Wed, 04 May 2011 16:48:24 +0200

golang (1:57-1) unstable; urgency=low

  * Imported Upstream version r57
  * Bumped epoch version to 1, to convert from date based versions
    to release number based version
  * Allow release to migrate to testing (Closes: #624408)
  * Add kate and vim syntax highlighting (Closes: #624544)
  * Add -dbg package with debugging symbols

 -- Ondřej Surý <ondrej@debian.org>  Wed, 04 May 2011 01:20:07 +0200

golang (2011.04.27-2) unstable; urgency=low

  * Fix yet another build failure on kfreebsd (use linux userspace)

 -- Ondřej Surý <ondrej@debian.org>  Fri, 29 Apr 2011 16:22:47 +0200

golang (2011.04.27-1) unstable; urgency=low

  * Imported Upstream version 2011.04.27
  * Update debian/rules to allow pulling weekly upstream releases
  * Don't remove RUNPATH from binaries; fixed upstream (golang#1527)
  * Set GOHOSTOS and GOHOSTARCH to match dpkg-architecture variables
  * Add support for kfreebsd-i386, kfreebsd-amd64, armel and armhf
    architectures
    + 006-fix_kfreebsd_build.patch:
      - Add GNU/KFreeBSD support by replacing all uname calls by $(GOOS)
    + 007-use_native_dynamic_linker_on_kfreebsd.patch:
      - Use native kfreebsd dynamic linker (/lib/ld-*.so.1)
  * Add information about available architectures (Closes: #623877)
  * Don't strip gotest
  * Add Depends: golang-go to golang-tools
  * Add better support for armhf

 -- Ondřej Surý <ondrej@debian.org>  Thu, 28 Apr 2011 16:14:39 +0200

golang (2011.04.13-1) unstable; urgency=low

  [ Florian Weimer ]
  * Delete bin directory in clean target
  * Enable parallel build
  * golang-src: install source files directly
  * Use proper symlink targets for architecture-independent toolchain
    names
  * Emacs mode: indent keys in struct literals properly

  [ Ondřej Surý ]
  * Imported Upstream weekly version 2011.04.13
  * Update patches to new weekly release
  * Add lintian-override for gotest binary

 -- Ondřej Surý <ondrej@debian.org>  Tue, 26 Apr 2011 09:59:28 +0200

golang (2011.03.07.1-1) unstable; urgency=low

  * Imported Upstream version 2011.03.07.1
  * Install to /usr/lib/go
  * Remove xkcd strip to get rid of CC-NC-BY
  * Update golang-src.install to new upstream
  * Remove 002-use_GOROOT_FINAL_in_generated_binaries.patch; merged
    upstream
  * Make all .go files no-executable
  * Update lintian-overrides to include both types of syntax

 -- Ondřej Surý <ondrej@debian.org>  Wed, 20 Apr 2011 17:36:48 +0200

golang (2011.02.15-2) unstable; urgency=low

  [ Ondřej Surý ]
  * Add ${misc:Depends} to golang-mode to shutup lintian
  * Rehaul build system and add golang-src package with .go source files
  * goinstall: do not automatically install prerequisities
  * goinstall: don't report to dashboard by default
  * Add a README.Debian about local modifications to goinstall
  * Add warning about local modifications also directly to goinstall command

  [ Florian Weimer ]
  * Fix syntax error in 004-
    dont_reinstall_dependencies_in_goinstall.patch

 -- Ondřej Surý <ondrej@debian.org>  Fri, 18 Feb 2011 16:02:09 +0100

golang (2011.02.15-1) unstable; urgency=low

  [ Obey Arthur Liu ]
  * Added pkg-google git repo to control file

  [ Florian Weimer ]
  * Build golang-mode package

  [ Ondřej Surý ]
  * Imported Upstream version 2011.02.15
  * Don't compress godoc documentation
  * Correctly use $GOROOT_FINAL in the build chain
  * Remove RPATH/RUNPATH from go binaries

 -- Ondřej Surý <ondrej@debian.org>  Fri, 18 Feb 2011 11:39:10 +0100

golang (2011.02.01.1-1) unstable; urgency=low

  [ Ivan Wong ]
  * Initial release (Closes: #574371)

  [ Jonathan Nieder ]
  * Fill out copyright file
  * Rewrite debian/rules using dh driver
  * debian: fix get-orig-source rule
  * debian: do not install extra files on repeated build
  * debian: fix reversed ‘if’
  * debian: do not leave around stale debian/env.sh+ file
  * debian: Build-Depends on awk instead of gawk
  * debian: add run-time dependency on perl
  * debian: add build-time dependency on perl
  * debian: fix setting of GOARM on arm
  * debian: do not compress files in web page
  * debian: install favicon

  [ Ondřej Surý ]
  * Make myself a maintainer
  * Add patch to allow IPv4 on IPv6 sockets (Courtesy of Florian Weimer)
  * Use GOROOT_FINAL and change GOBIN to /usr/bin
  * Get rid of env.sh and wrappers
  * Add support for building in i386 pbuilder on amd64 architecture
  * Rename source package to golang to match upstream repository name
  * Add golang-doc package
  * Split package into compiler, docs and tools
  * Don't install quietgcc and hgpatch
  * Don't generate fake gomake
  * Update golang-doc package
  * Export GOHOSTARCH and GOHOSTOS
  * Disable build time checks
  * Fail on missed installed files
  * Revert s{tmp{golang-go{ change in DESTDIR
  * Relicence debian/ files from versionless GPL to GPL-3
  * Move golang-doc to doc section
  * Add more lintian overrides for Go binaries
  * Install all 6,8,5 variants of commands
  * Install golang-* symlinks for 6,8,5* commands
  * Don't strip govet as well
  * Remove ${shlibs:Depends} where it doesn't belong
  * Move more html files to golang-doc package
  * Remove codereview directory - some python code to deal with mercurial

 -- Ondřej Surý <ondrej@debian.org>  Mon, 14 Feb 2011 17:42:39 +0100