golang-go.crypto (1:0.43.0-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 0.43.0.  Closes: #1117749.
  * Use new path to bundle.der.
  * For self-tests, use ssh-agent -T.
  * Skip TestAgentForward that fails with modern OpenSSH.

 -- Simon Josefsson <simon@josefsson.org>  Sun, 12 Oct 2025 22:28:44 +0200

golang-go.crypto (1:0.42.0-4) unstable; urgency=medium

  * Team upload.
  * Ignore failing TestMarshalUnmarshal on s390x.
  * Fix CVE-2025-22869: SSH servers which implement file transfer
    protocols are vulnerable to a denial of service attack from
    clients which complete the key exchange slowly, or not at all,
    causing pending content to be read into memory, but never
    transmitted.  Resolved already in 0.35.0. Closes: #1098968.

 -- Simon Josefsson <simon@josefsson.org>  Tue, 07 Oct 2025 18:13:55 +0200

golang-go.crypto (1:0.42.0-3) unstable; urgency=medium

  * Team upload.
  * Skip TestCSHAKELargeS on s390x.
  * Breaks golang-github-skeema-knownhosts-dev<<1.3.1.

 -- Simon Josefsson <simon@josefsson.org>  Sun, 05 Oct 2025 18:19:10 +0200

golang-go.crypto (1:0.42.0-2) unstable; urgency=medium

  * Team upload.
  * Timeout 10m->25m dh_auto_test for s390x TestCSHAKELargeS.
  * Turn openssh-server into a !nocheck B-D.

 -- Simon Josefsson <simon@josefsson.org>  Sun, 05 Oct 2025 08:11:03 +0200

golang-go.crypto (1:0.42.0-1) unstable; urgency=medium

  * Team upload.
  * Upload to unstable.
  * Use gbp debian-branch debian/latest.

 -- Simon Josefsson <simon@josefsson.org>  Tue, 30 Sep 2025 09:54:41 +0200

golang-go.crypto (1:0.42.0-1~exp1) experimental; urgency=medium

  * Team upload.
  * New upstream version 0.42.0
  * Drop Rules-Requires-Root: no.
  * Use watch v5 file.

 -- Simon Josefsson <simon@josefsson.org>  Sun, 28 Sep 2025 22:33:56 +0200

golang-go.crypto (1:0.41.0-1~exp1) experimental; urgency=medium

  * Team upload.
  * Use gbp debian-branch debian/experimental.
  * New upstream version 0.41.0
  * Refresh patches.
  * Ship bundle.der too.
  * Disable failing pebble self-tests.
  * Bump debian/* copyright years.
  * Standards-Version: 4.7.2.
  * Fix DEP3 Last-Update syntax error.

 -- Simon Josefsson <simon@josefsson.org>  Mon, 01 Sep 2025 11:30:12 +0200

golang-go.crypto (1:0.36.0-1~exp1) experimental; urgency=medium

  * Team upload.
  * New upstream version 0.36.0

 -- Santiago Ruano Rincón <santiagorr@riseup.net>  Tue, 18 Mar 2025 06:59:19 -0300

golang-go.crypto (1:0.33.0-1~exp1) experimental; urgency=medium

  * Team upload
  * New upstream version 0.33.0
    * Fix CVE-2024-45337: Applications and libraries which misuse the
      ServerConfig.PublicKeyCallback callback may be susceptible to an
      authorization bypass. (Closes: #1089754)
  * Remove 0003-ssh-don-t-use-dsa-keys-in-integration-tests.patch, no longer
    needed

 -- Santiago Ruano Rincón <santiagorr@riseup.net>  Fri, 14 Feb 2025 09:43:14 -0300

golang-go.crypto (1:0.25.0-1) unstable; urgency=medium

  * New upstream version 0.25.0
  * Bump versioned dependencies as per go.mod

 -- Anthony Fok <foka@debian.org>  Sun, 01 Sep 2024 08:39:31 -0600

golang-go.crypto (1:0.24.0-2) unstable; urgency=medium

  * Bump to golang-golang-x-text-dev (>= 0.16.0) as per go.mod
  * Apply patch "ssh: don't use dsa keys in integration tests"
    by Nicola Murino in commit bb80217080b0e04c6e73e5dcd9f3a9bb11fe23f6
    dated 2024-07-21: "DSA has been disabled by default since OpenSSH 9.8,
    so tests fail with newer versions of OpenSSH".  Fixes FTBFS:
    "client_test.go:149: insert(*dsa.PrivateKey): agent: failure".
    Thanks to Santiago Vila for bringing this to my attention!
    (Closes: #1078281)

 -- Anthony Fok <foka@debian.org>  Sat, 10 Aug 2024 02:57:23 -0600

golang-go.crypto (1:0.24.0-1) unstable; urgency=medium

  * New upstream version 0.24.0
  * Bump versioned dependencies as per go.mod, except for
    golang-golang-x-text-dev (>= 0.16.0) which still needs to be packaged

 -- Anthony Fok <foka@debian.org>  Wed, 31 Jul 2024 11:19:14 -0600

golang-go.crypto (1:0.23.0-1) unstable; urgency=medium

  * New upstream version 0.23.0
  * Bump versioned dependencies as per go.mod
  * Update local copy of golang.org/x/net/idna from v0.10.0 to v0.21.0

 -- Anthony Fok <foka@debian.org>  Mon, 20 May 2024 18:46:25 -0600

golang-go.crypto (1:0.22.0-1) unstable; urgency=medium

  * New upstream version 0.22.0
  * Bump versioned dependencies as per go.mod
  * Bump Standards-Version to 4.7.0 (no change)

 -- Anthony Fok <foka@debian.org>  Fri, 26 Apr 2024 03:11:29 -0600

golang-go.crypto (1:0.21.0-1) unstable; urgency=medium

  * New upstream version 0.21.0
  * Bump versioned dependencies as per go.mod

 -- Anthony Fok <foka@debian.org>  Sun, 24 Mar 2024 17:54:46 -0600

golang-go.crypto (1:0.19.0-1) unstable; urgency=medium

  * New upstream version 0.19.0
  * Bump versioned dependencies as per go.mod

 -- Anthony Fok <foka@debian.org>  Fri, 23 Feb 2024 19:29:57 -0700

golang-go.crypto (1:0.18.0-1) unstable; urgency=medium

  * New upstream version 0.18.0
  * Bump versioned dependencies as per go.mod

 -- Anthony Fok <foka@debian.org>  Mon, 29 Jan 2024 14:46:20 -0700

golang-go.crypto (1:0.17.0-1) unstable; urgency=medium

  * New upstream version 0.17.0
    * CVE-2023-48795
      ssh: implement strict KEX protocol changes
      Implement the "strict KEX" protocol changes, as described in section
      1.9 of the OpenSSH PROTOCOL file (as of OpenSSH version 9.6/9.6p1).
      (Closes: #1059003)

 -- Anthony Fok <foka@debian.org>  Sun, 07 Jan 2024 08:25:22 -0700

golang-go.crypto (1:0.16.0-1) unstable; urgency=medium

  * New upstream version 0.16.0
  * Bump versioned dependencies as per go.mod

 -- Anthony Fok <foka@debian.org>  Thu, 07 Dec 2023 01:53:53 -0700

golang-go.crypto (1:0.14.0-1) unstable; urgency=medium

  * New upstream version 0.14.0
  * Bump versioned dependencies as per go.mod

 -- Anthony Fok <foka@debian.org>  Wed, 01 Nov 2023 02:00:40 -0600

golang-go.crypto (1:0.13.0-1) unstable; urgency=medium

  * New upstream version 0.13.0
  * Bump versioned dependencies as per go.mod

 -- Anthony Fok <foka@debian.org>  Thu, 12 Oct 2023 01:27:41 -0600

golang-go.crypto (1:0.12.0-1) unstable; urgency=medium

  * New upstream version 0.12.0
  * Bump versioned dependencies as per go.mod
  * Refresh Debian patches

 -- Anthony Fok <foka@debian.org>  Mon, 09 Oct 2023 18:04:57 -0600

golang-go.crypto (1:0.10.0-1) unstable; urgency=medium

  * New upstream version 0.10.0
  * Add debian/update-vendored-golang-x-net-idna.sh script
    to facilitate the download of golang.org/x/net/idna for vendoring
    to avoid circular dependency with golang-golang-x-net-dev;
    see debian/README.source for details.
  * debian/rules: Add execute_after_dh_auto_configure target
    to copy golang.org/x/net into vendor directory during build time
  * Commit our local copy of golang.org/x/net/idna v0.10.0
    downloaded with debian/update-vendored-golang-x-net-idna.sh
  * Bump versioned dependencies as per go.mod,
    removing dependency on golang-golang-x-net-dev, but
    adding dependency on golang-golang-x-text-dev
    which is needed by our vendored copy of golang.org/x/net/idna.

 -- Anthony Fok <foka@debian.org>  Thu, 21 Sep 2023 04:55:01 -0600

golang-go.crypto (1:0.4.0-1) unstable; urgency=medium

  * Team upload
  * New upstream version 0.4.0
  * Update Standards-Version to 4.6.2 (no changes)

 -- Shengjing Zhu <zhsj@debian.org>  Mon, 02 Jan 2023 23:01:47 +0800

golang-go.crypto (1:0.1.0-1) unstable; urgency=medium

  * Team upload

  [ Anthony Fok ]
  * Build-depend explicitly on golang-any (>= 2:1.17~) as per go.mod
    to facilitate backports.
  * Remove unneeded dependency on ${shlibs:Depends}

  [ Shengjing Zhu ]
  * Switch to upstream tag version in uscan
  * New upstream version 0.1.0

 -- Shengjing Zhu <zhsj@debian.org>  Wed, 26 Oct 2022 16:03:49 +0800

golang-go.crypto (1:0.0~git20220829.c86fa9a-1) unstable; urgency=medium

  * New upstream version 0.0~git20220829.c86fa9a
  * Bump dependency: golang-golang-x-net-dev (>= 1:0.0+git20211112.69e39ba)
  * Reorder fields in debian/control and debian/copyright
  * Use dh-sequence-golang instead of dh-golang and --with=golang
  * debian/rules: Invoke dh with --builddirectory=_build
  * Bump Standards-Version to 4.6.1 (no change)
  * debian/golang-golang-x-crypto-dev.docs: Remove AUTHORS and CONTRIBUTORS
    which were deleted upstream; see https://github.com/golang/go/issues/53961

 -- Anthony Fok <foka@debian.org>  Mon, 05 Sep 2022 06:00:18 -0600

golang-go.crypto (1:0.0~git20220315.3147a52-1) unstable; urgency=medium

  * Team upload.

  [ Debian Janitor ]
  * Remove constraints unnecessary since buster
    * Build-Depends: Drop versioned constraint on golang-any.

  [ Shengjing Zhu ]
  * New upstream version 0.0~git20211202.5770296
    * CVE-2022-27191
      Potential crash in a golang.org/x/crypto/ssh server when using custom
      Signer.

 -- Shengjing Zhu <zhsj@debian.org>  Thu, 17 Mar 2022 01:21:05 +0800

golang-go.crypto (1:0.0~git20211202.5770296-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 0.0~git20211202.5770296
    + CVE-2021-43565
      x/crypto/ssh: empty plaintext packet causes panic
  * Add Multi-Arch hint
  * Fix upstream-metadata-field-unknown Homepage

 -- Shengjing Zhu <zhsj@debian.org>  Sat, 04 Dec 2021 02:01:12 +0800

golang-go.crypto (1:0.0~git20210817.32db794-1) unstable; urgency=medium

  * New upstream version 0.0~git20210817.32db794
  * Update versioned dependencies according to go.mod
  * Change Section from devel to golang
  * Bump Standards-Version to 4.6.0 (no change)

 -- Anthony Fok <foka@debian.org>  Fri, 20 Aug 2021 21:56:25 -0600

golang-go.crypto (1:0.0~git20201221.eec23a3-1) unstable; urgency=medium

  * New upstream version 0.0~git20201221.eec23a3
  * Update versioned dependencies according to go.mod
    including new dependency on golang-golang-x-term-dev
  * Bump debhelper dependency to "Build-Depends: debhelper-compat (= 13)"
  * Bump Standards-Version to 4.5.1 (no change)

 -- Anthony Fok <foka@debian.org>  Wed, 30 Dec 2020 22:07:06 -0700

golang-go.crypto (1:0.0~git20201016.9e8e0b3-1) unstable; urgency=medium

  * Upload to unstable.

 -- Roger Shimizu <rosh@debian.org>  Fri, 13 Nov 2020 03:39:51 +0900

golang-go.crypto (1:0.0~git20201016.9e8e0b3-1~exp1) experimental; urgency=medium

  * Team upload.
  * New upstream version 0.0~git20201016.9e8e0b3

 -- Roger Shimizu <rosh@debian.org>  Thu, 12 Nov 2020 03:05:14 +0900

golang-go.crypto (1:0.0~git20200604.70a84ac-2) unstable; urgency=medium

  * Team upload.
  * d/patches: Add patch to skip test fails on reproducible builds.
  * d/upstream/metadata: Update URL for issues.

 -- Roger Shimizu <rosh@debian.org>  Wed, 08 Jul 2020 01:10:18 +0900

golang-go.crypto (1:0.0~git20200604.70a84ac-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 0.0~git20200604.70a84ac

 -- Roger Shimizu <rosh@debian.org>  Tue, 09 Jun 2020 01:33:42 +0900

golang-go.crypto (1:0.0~git20200429.4b2356b-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 0.0~git20200429.4b2356b
  * debian/control: Set Rules-Requires-Root to no
  * Add debian/upstream/metadata

 -- Roger Shimizu <rosh@debian.org>  Tue, 05 May 2020 15:13:45 +0900

golang-go.crypto (1:0.0~git20200221.2aa609c-1) unstable; urgency=high

  * New upstream version 0.0~git20200221.2aa609c
    - ssh: return an error for malformed ed25519 public keys
      rather than panic (v0.0.0-20200220183623-bac4c82f6975).
      Fixes CVE-2020-9283 (Closes: #952462)
  * Previously uploaded upstream version 0.0~git20190701.4def268 contains:
    - salsa20/salsa: fix keystream loop in amd64 assembly when overflowing
      32-bit counter (commit b7391e9, 2019-03-20).  Fixes CVE-2019-11840
    - openpgp/clearsign: reject potentially misleading headers and messages
      (commit c05e17b, 2019-04-24).  Fixes CVE-2019-11841
  * debian/gbp.conf: Set debian-branch to debian/sid for DEP-14 conformance
  * Bump Standards-Version to 4.5.0 (no change)
  * debian/copyright: Add Upstream-Contact
  * Remove d/patches/0001-ssh-test-delete-TestInvalidTerminalMode.patch
    which has been applied upstream as commit 9756ffd
  * Build-Depends on dh-golang (>= 1.48~) to prevent
    "no non-test Go files" error in internal/wycheproof during build
  * Add d/patches/0001-skip-wycheproof_test.patch to skip test
    that access the Internet with "go mod download -json"
  * Override dh_auto_install with --no-binaries
    to prevent /usr/bin/acmeprobe from being built

 -- Anthony Fok <foka@debian.org>  Wed, 26 Feb 2020 13:36:38 -0700

golang-go.crypto (1:0.0~git20190701.4def268-2) unstable; urgency=medium

  * Team upload.
  * d/patches/0001-ssh-test-delete-TestInvalidTerminalMode.patch:
    remove test that fails with new openssh.
  * Add openssh-server to Build-Depends to run more tests at build time.
  * Add myself to Uploaders

 -- Michael Hudson-Doyle <mwhudson@debian.org>  Thu, 29 Aug 2019 11:16:07 +1200

golang-go.crypto (1:0.0~git20190701.4def268-1) unstable; urgency=medium

  * New upstream version 0.0~git20190701.4def268
  * Remove Lintian override debian-watch-file-is-missing
    because we now have a debian/watch file.
  * Apply "cme fix dpkg" fixes
    - Specify compatibility level with "Build-Depends: debhelper-compat (= 12)"
    - Bump Standards-Version to 4.4.0 (no change)
  * Update versioned dependencies according to go.mod

 -- Anthony Fok <foka@debian.org>  Sun, 28 Jul 2019 01:50:27 -0600

golang-go.crypto (1:0.0~git20181203.505ab14-1) unstable; urgency=medium

  * New upstream version 0.0~git20181203.505ab14
  * Add debian/watch (direct access to the git repository)
  * Update Maintainer email address to team+pkg-go@tracker.debian.org
  * Bump Standards-Version to 4.3.0 (no change)

 -- Anthony Fok <foka@debian.org>  Tue, 01 Jan 2019 00:21:15 -0700

golang-go.crypto (1:0.0~git20180614.a8fb68e-1) unstable; urgency=medium

  * Team upload.
  * New upstream version.

 -- Alexandre Viau <aviau@debian.org>  Sat, 16 Jun 2018 19:28:53 -0400

golang-go.crypto (1:0.0~git20180613.37a17fe-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 0.0~git20180613.37a17fe. (Closes: #901503)

 -- Dr. Tobias Quathamer <toddy@debian.org>  Thu, 14 Jun 2018 14:33:54 +0200

golang-go.crypto (1:0.0~git20180513.94e3fad-2) unstable; urgency=medium

  * Build-Depend on golang-golang-x-sys-dev (>= 0.0~git20180510.7dfd129)
    because x/crypto now needs x/sys/cpu introduced on 2018-04-13.

 -- Anthony Fok <foka@debian.org>  Thu, 17 May 2018 09:20:32 -0600

golang-go.crypto (1:0.0~git20180513.94e3fad-1) unstable; urgency=medium

  [ Alexandre Viau ]
  * Point Vcs-* urls to salsa.debian.org.

  [ Anthony Fok ]
  * New upstream version 0.0~git20180513.94e3fad
  * Apply "cme fix dpkg" fixes to debian/control,
    bumping Standard-Version to 4.1.4, etc.
  * Build-Depend on golang-any (>= 2:1.9~)
    because x/crypto now needs math/bits introduced in go1.9.

 -- Anthony Fok <foka@debian.org>  Mon, 14 May 2018 01:11:28 -0600

golang-go.crypto (1:0.0~git20180322.88942b9-1) unstable; urgency=medium

  [ Michael Lustfield ]
  * Team upload.
  * Remove Michael Lustfield (self) from Uploaders list.

  [ Dr. Tobias Quathamer ]
  * New upstream version 0.0~git20180322.88942b9. (Closes: #894459)
    - Add new dependency golang-golang-x-sys-dev
    - Update docs installation after upstream renaming
  * Use debhelper v11
  * Update to Standards-Version 4.1.3
    - Use Priority: optional
  * Remove obsolete DH_GOPKG
  * Remove obsolete DH_GOLANG_INSTALL_ALL
  * Remove obsolete override_dh_auto_configure
  * Use wrap-and-sort
  * Remove transitional package golang-go.crypto-dev
  * Remove version constraints for dh-golang and golang-any.
    Those versions are available in stable and oldstable-bpo.
  * Remove unneeded file d/golang-golang-x-crypto-dev.install
  * Remove unneeded file d/golang-golang-x-crypto-dev.lintian-overrides
  * Update d/copyright

 -- Dr. Tobias Quathamer <toddy@debian.org>  Fri, 30 Mar 2018 22:37:34 +0200

golang-go.crypto (1:0.0~git20170629.0.5ef0053-2) unstable; urgency=medium

  * Team upload.
  * Removed inactive user(s) from Uploaders list. (Closes: #836487)

 -- Michael Lustfield <michael@lustfield.net>  Mon, 24 Jul 2017 23:57:17 -0500

golang-go.crypto (1:0.0~git20170629.0.5ef0053-1) unstable; urgency=medium

  * New upstream snapshot.
  * Delete previously cherry-picked security patch:
    The security fix 0001-ssh-require-host-key-checking_CVE-2017-3204.patch
    is already in the new upstream snapshot.
  * Bump Standards-Version to 4.0.0:
    Use https form of the copyright-format URL in debian/copyright.

 -- Anthony Fok <foka@debian.org>  Fri, 30 Jun 2017 09:10:48 -0600

golang-go.crypto (1:0.0~git20170425.0.c7af5bf-1) experimental; urgency=medium

  * New upstream revision.

 -- Michael Lustfield <michael@lustfield.net>  Wed, 03 May 2017 23:53:10 -0500

golang-go.crypto (1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1) unstable; urgency=medium

  * Reverts previous upload to permit freeze exception.
  * patches/0001-ssh-require-host-key-checking_CVE-2017-3204.patch:
    + CVE-2017-3204: Default behavior changed to require explicitly
      registering a hostkey verification mechanism. (Closes: #859655)

 -- Michael Lustfield <michael@lustfield.net>  Wed, 26 Apr 2017 02:42:23 -0500

golang-go.crypto (1:0.0~git20170407.0.55a552f-1) unstable; urgency=medium

  * Team upload.
  * New upstream version.

 -- Michael Lustfield <michael@lustfield.net>  Sat, 08 Apr 2017 04:13:53 -0500

golang-go.crypto (1:0.0~git20161012.0.5f31782-1) unstable; urgency=medium

  * New upstream version.
  * debian/rules: Ignore .gitignore rather than the obsolete .hgignore file.

 -- Anthony Fok <foka@debian.org>  Sat, 15 Oct 2016 05:22:05 -0600

golang-go.crypto (1:0.0~git20160824.0.351dc6a-1) unstable; urgency=medium

  * New upstream version.
  * Add myself to Uploaders.

 -- Anthony Fok <foka@debian.org>  Sun, 28 Aug 2016 06:02:43 -0600

golang-go.crypto (1:0.0~git20160607.0.77f4136-1) unstable; urgency=medium

  [ Martín Ferrari ]
  * Team upload.
  * Require dh-golang 1.10, for XS-Go-Import-Path.
  * Require golang-go 1.4.2.

  [ Anthony Fok ]
  * New upstream snapshot.
  * Add golang-golang-x-net-dev to Build-Depends and Depends
    for the recently added acme/internal/acme/acme.go
  * Change Build-Depends on golang-go to golang-any.
  * Update Vcs-Git to use https URL.
  * Bump Standards-Version to 3.9.8 (no change).

 -- Anthony Fok <foka@debian.org>  Wed, 08 Jun 2016 04:07:39 -0600

golang-go.crypto (1:0.0~git20151201.0.7b85b09-2) unstable; urgency=medium

  [ Tianon Gravi ]
  * Team upload.

  [ Riku Voipio ]
  * Fix the new package name to not overwrite go.net's binary package.

 -- Tianon Gravi <tianon@debian.org>  Thu, 03 Dec 2015 15:00:04 -0800

golang-go.crypto (1:0.0~git20151201.0.7b85b09-1) unstable; urgency=medium

  * Team upload.
  * New upstream snapshot; 7b85b09 from 2015-12-01 (Closes: #786869).
  * Rename binary package to "golang-golang-x-net-dev" to reflect pkg-go policy
    and add "golang-go.crypto-dev" as a transitional package with appropriate
    relations.
  * Update Homepage and Vcs-Browser to use https versions.

 -- Tianon Gravi <tianon@debian.org>  Tue, 01 Dec 2015 00:34:50 -0800

golang-go.crypto (1:0.0~git20150608-1) unstable; urgency=medium

  * New upstream release, package was renamed to golang.org/x/crypto
  * Use an epoch in the version number since upstream switched from hg to git,
    and 0.0~git20150608 is interpreted as older than hg190 by Debian tools.
  * Fix Maintainer/Uploaders to reflect that the package is team-maintained
  * Bump Standards-Version (no changes necessary)

 -- Michael Stapelberg <stapelberg@debian.org>  Mon, 22 Jun 2015 09:28:14 +0200

golang-go.crypto (0.0~hg190-1) unstable; urgency=low

  * Initial release. Closes: #740791

 -- Tonnerre Lombard <tonnerre@ancient-solutions.com>  Wed, 05 Mar 2014 01:01:44 +0100
