Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

net/url: URL.Parse Multiple Parsing Issues #29098

Open
wir3less opened this issue Dec 4, 2018 · 36 comments
Open

net/url: URL.Parse Multiple Parsing Issues #29098

wir3less opened this issue Dec 4, 2018 · 36 comments
Assignees
Milestone

Comments

@wir3less
Copy link

@wir3less wir3less commented Dec 4, 2018

What version of Go are you using (go version)?

$ go version
go version go1.11.2 windows/amd64

Does this issue reproduce with the latest release?

Yes

What operating system and processor architecture are you using (go env)?

go env Output
$ go env
set GOARCH=amd64
set GOBIN=
set GOCACHE=C:\Users\wir3less\AppData\Local\go-build
set GOEXE=.exe
set GOFLAGS=
set GOHOSTARCH=amd64
set GOHOSTOS=windows
set GOOS=windows
set GOPATH=C:\Users\wir3less\go
set GOPROXY=
set GORACE=
set GOROOT=C:\Go
set GOTMPDIR=
set GOTOOLDIR=C:\Go\pkg\tool\windows_amd64
set GCCGO=gccgo
set CC=gcc
set CXX=g++
set CGO_ENABLED=1
set GOMOD=
set CGO_CFLAGS=-g -O2
set CGO_CPPFLAGS=
set CGO_CXXFLAGS=-g -O2
set CGO_FFLAGS=-g -O2
set CGO_LDFLAGS=-g -O2
set PKG_CONFIG=pkg-config
set GOGCCFLAGS=-m64 -mthreads -fno-caret-diagnostics -Qunused-arguments -fmessage-length=0 -fdebug-prefix-map=C:\Users\wir3less\AppData\Local\Temp\go-build829182294=/tmp/go-build -gno-record-gcc-switches

What did you do?

While playing around with URL.Parse I found a few problems I'd like to share.
I'll gladly share more details if anything is unclear or if someone is interested.

Normally, javascript:alert(1) when parsed by url.parse has no Hostname()
But javascript://alert(1) has a hostname of alert(1)
This can be taken further...
javascript://%250aalert(1)+'aa@google.com/a'a has a hostname of google.com and will pop an alert if relocated to by a browser (after decoding)

IPV6 support also has it's issues...
this URL http://[google.com]:80 has the hostname of google.com
But also do all of these:
http://google.com]:80
http://google.com]:80__Anything_you'd_like_sir
http://[google.com]FreeTextZoneHere]:80

Even without thinking about how this would interact with other systems and parsers,
Just considering code used URL hostname validations and Go's https functions (http.Get() for instance) leveraging url.parse should explain how this could be used maliciously.

Again, will be glad to provide more details if needed.
All POCs can be found here
https://play.golang.org/p/UoqEcxCFY8z

What did you expect to see?

Errors for most of it...

What did you see instead?

Hostnames

@ALTree ALTree changed the title Net/URL: URL.Parse Multiple Parsing Issues net/url: URL.Parse Multiple Parsing Issues Dec 4, 2018
@agnivade
Copy link
Contributor

@agnivade agnivade commented Dec 5, 2018

/cc @bradfitz

@mengzhuo
Copy link
Contributor

@mengzhuo mengzhuo commented Dec 5, 2018

What did you see instead?
Hostnames

I think an invalid error is more appropriate.

@wir3less
Copy link
Author

@wir3less wir3less commented Dec 5, 2018

I agree. Thats what I wrote on the "Expected" field.
Recieving a Hostname is what currently happens.

@mengzhuo
Copy link
Contributor

@mengzhuo mengzhuo commented Dec 5, 2018

I've take a look into url_test.go

go/src/net/url/url_test.go

Lines 423 to 432 in 5e17278

// worst case host, still round trips
{
"scheme://!$&'()*+,;=hello!:port/path",
&URL{
Scheme: "scheme",
Host: "!$&'()*+,;=hello!:port",
Path: "/path",
},
"",
},

You can see this is design on purpose.

@wir3less
Copy link
Author

@wir3less wir3less commented Dec 6, 2018

I see...
Well this is still the wrong behaviour, both in my opinion as well as by the spec.
The fact that we have tests for it doesn't make it right...
Try testing other parsers, non will allow that kind of parsing

@mees-
Copy link

@mees- mees- commented Dec 27, 2018

I don't know if this is the right place to mention this but url.Parse("localhost") sets the Path to "localhost" and the host is empty. I believe this is also an error in the parsing

@fraenkel
Copy link
Contributor

@fraenkel fraenkel commented Dec 27, 2018

@mees- Why would that be an error? You have provided a valid relative path.

@mees-
Copy link

@mees- mees- commented Dec 27, 2018

I'm sorry, I misunderstood the documentation

@wir3less
Copy link
Author

@wir3less wir3less commented Dec 28, 2018

Can I provide any more info to get this issue resolved? No point in leaving this issue open for nothing...

@agnivade
Copy link
Contributor

@agnivade agnivade commented Dec 29, 2018

Try testing other parsers, non will allow that kind of parsing

If you can take each case, and show a comparison of the behavior in Python, Node and Ruby, it will help us understand the situation better.

@wir3less
Copy link
Author

@wir3less wir3less commented Jan 1, 2019

So I've taken the time and compiled the following table
https://docs.google.com/spreadsheets/d/1HNyNO6dVYNhdsd_oLZELw4L17L3hK0r2OcZZv1lrx3Y/edit?usp=sharing

You can notice that for the Javascript URLs, Chrome is the only one actually following the spec, and python is doing a half decent job (has hostname, but ignored http specific chars like '@' in non http schemes.)

For the IPv6 URLs, you can see that Go is by far the most permissive parser.

Please keep in mind that all these vectors can be used to trick and bypass code trying to validate the host of a user-supplied URL.

I'm also going to open bugs for Node and Ruby as they are also in risk of that.

@agnivade
Copy link
Contributor

@agnivade agnivade commented Jan 1, 2019

Thank you for spending time on this !

@wir3less
Copy link
Author

@wir3less wir3less commented Jan 1, 2019

I dug a little deeper on the Node cases.
I used node 10.13.0 for my testing, apparently, there's already 10.15.0
One of the patches is of interest to this issue - https://nodejs.org/en/blog/vulnerability/november-2018-security-releases/#hostname-spoofing-in-url-parser-for-javascript-protocol-cve-2018-12123

So using url.parse() is fixed on Node now, these problems still exist it if you use the new URL() syntax

> new URL("javascript://google.com").host
'google.com'
> url.parse("javascript://google.com").host
null
@wir3less
Copy link
Author

@wir3less wir3less commented Jan 9, 2019

Guys,
Any update here?

@bradfitz bradfitz added this to the Go1.13 milestone Jan 9, 2019
@opennota
Copy link

@opennota opennota commented Jan 10, 2019

   javascript://alert(1) has a hostname of alert(1)
   javascript://%250aalert(1)+'aa@google.com/a'a has a hostname of google.com and will pop an alert if relocated to by a browser (after decoding)

I don't see an issue here. If you're using unescaped and unsanitized data in HTML code, then nothing would help you. And whitelisting is not an option here, while blacklisting isn't a solution as it always can be bypassed by a malicious.actor.

@wir3less
Copy link
Author

@wir3less wir3less commented Jan 10, 2019

Thanks @bradfitz .

@opennota - The URL parser is meant to deal with such data.
You're supposed to be able to pass user-data into it, and it should return an error in case the URL is malformed.
Otherwise, it should return a safe object that correctly represents the URL. Meaning, for example, no Hostname for hostless schemes such as JS.

As for the blacklist approach, I think a piece of code such as the one implemented by Node, should do the trick:
https://github.com/nodejs/node/blob/master/lib/url.js#L277

@wir3less
Copy link
Author

@wir3less wir3less commented Jan 13, 2019

@bradfitz I just realized that go releases a major version every 6 months, and that 1.13 will be released on August 19.
Does that mean this issue will wait till then to get resolved?

@bradfitz
Copy link
Contributor

@bradfitz bradfitz commented Jan 14, 2019

At least, if ever. We don't have a great history of being able to make changes to the URL type without breaking code. So it might need to remain unchanged (or at least only documented). But I can't say because I haven't looked into this bug at all yet or your spreadsheet. But thanks for gathering data.

mholt added a commit to caddyserver/caddy that referenced this issue Aug 13, 2019
ernado added a commit to gortc/stun that referenced this issue Aug 14, 2019
@mikesamuel
Copy link
Contributor

@mikesamuel mikesamuel commented Aug 14, 2019

Is net/url based on STD66 or https://url.spec.whatwg.org/ ?

@FiloSottile
Copy link
Contributor

@FiloSottile FiloSottile commented Aug 14, 2019

@mikesamuel STD66. It cites RFC 3986 and RFC 2396. Is it relevant here? Do either allow non-numeric ports?

@mikesamuel
Copy link
Contributor

@mikesamuel mikesamuel commented Aug 21, 2019

@FiloSottile

I don't know that they differ around ports.
IIRC, url.spec does differ around javascript://example.com/%0aalert(1).

The Appendix B regex is perfectly happy with non-numeric ports, so it really depends on whether you're strictly matching the grammar or doing approximate decomposition.

stefanb added a commit to stefanb/go that referenced this issue Aug 27, 2019
The TestParseErrors test function was not strict with unwanted errors
received from url.Parse(). It was not failing in such cases, now it does.

Updates golang#33646 and golang#29098
@gopherbot
Copy link

@gopherbot gopherbot commented Aug 27, 2019

Change https://golang.org/cl/191966 mentions this issue: net/url: fail TestParseErrors test when getting an unwanted error

@FiloSottile FiloSottile modified the milestones: Go1.13, Go1.14 Aug 27, 2019
gopherbot pushed a commit that referenced this issue Aug 27, 2019
The TestParseErrors test function was not strict with unwanted errors
received from url.Parse(). It was not failing in such cases, now it does

Fixes #33646
Updates #29098

Change-Id: I069521093e2bff8b1fcd41ffd3f9799f3108bc61
GitHub-Last-Rev: e6844c5
GitHub-Pull-Request: #33876
Reviewed-on: https://go-review.googlesource.com/c/go/+/191966
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
tomocy added a commit to tomocy/go that referenced this issue Sep 1, 2019
The TestParseErrors test function was not strict with unwanted errors
received from url.Parse(). It was not failing in such cases, now it does

Fixes golang#33646
Updates golang#29098

Change-Id: I069521093e2bff8b1fcd41ffd3f9799f3108bc61
GitHub-Last-Rev: e6844c5
GitHub-Pull-Request: golang#33876
Reviewed-on: https://go-review.googlesource.com/c/go/+/191966
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
@EddieIvan01
Copy link

@EddieIvan01 EddieIvan01 commented Sep 3, 2019

So I've taken the time and compiled the following table
https://docs.google.com/spreadsheets/d/1HNyNO6dVYNhdsd_oLZELw4L17L3hK0r2OcZZv1lrx3Y/edit?usp=sharing

You can notice that for the Javascript URLs, Chrome is the only one actually following the spec, and python is doing a half decent job (has hostname, but ignored http specific chars like '@' in non http schemes.)

For the IPv6 URLs, you can see that Go is by far the most permissive parser.

Please keep in mind that all these vectors can be used to trick and bypass code trying to validate the host of a user-supplied URL.

I'm also going to open bugs for Node and Ruby as they are also in risk of that.

Python also has the behavior (Python 3.6.4 (default, Apr 4 2019, 19:58:46))

>>> from urllib.parse import urlparse
>>> urlparse("javascript://%250aalert(1)+'aa@google.com/a'a")
ParseResult(scheme='javascript', netloc="%250aalert(1)+'aa@google.com", path="/a'a", params='', query='', fragment='')
>>> a = _ 
>>> a.hostname
'google.com'
>>> a.username
"%250aalert(1)+'aa"

But in my opinion, this behavior (javascript://%250aalert(1)+'aa@google.com/a') isn't a security bug. Developer should filter XSS while writing to HTML.
And somthing following the indicator of hierarchical URL is authentication and hostname, even if the URL is non-hierarchical, parser dont need to confirm which protocols are hierarchical.

t4n6a1ka added a commit to t4n6a1ka/go that referenced this issue Sep 5, 2019
The TestParseErrors test function was not strict with unwanted errors
received from url.Parse(). It was not failing in such cases, now it does

Fixes golang#33646
Updates golang#29098

Change-Id: I069521093e2bff8b1fcd41ffd3f9799f3108bc61
GitHub-Last-Rev: e6844c5
GitHub-Pull-Request: golang#33876
Reviewed-on: https://go-review.googlesource.com/c/go/+/191966
Run-TryBot: Filippo Valsorda <filippo@golang.org>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
@dwillemv
Copy link

@dwillemv dwillemv commented Oct 2, 2019

The following custom URI was accepted before, but isn't now:
s://1:2.3
A port is extracted as 2.3, which is not a valid port, but our scheme does not define the concept of a port.

@FiloSottile
Copy link
Contributor

@FiloSottile FiloSottile commented Oct 2, 2019

The following custom URI was accepted before, but isn't now:
s://1:2.3
A port is extracted as 2.3, which is not a valid port, but our scheme does not define the concept of a port.

As far as I can tell, that's not a valid URL according to any spec. I realize it can be useful to use the URL parser for similar formats, but that convenience comes with the security cost of accepting invalid URLs that are surprising to applications that expect well formed URLs, and the name of the package is net/url.

@dwillemv
Copy link

@dwillemv dwillemv commented Oct 2, 2019

Fair enough, I know that is not a URL.
Would you say "file://1:2.3" should fail parsing too?

@FiloSottile
Copy link
Contributor

@FiloSottile FiloSottile commented Oct 2, 2019

Would you say "file://1:2.3" should fail parsing too?

I think it should, as the correct format for it is file:///1:2.3, where the host is empty. Does it not?

@dwillemv
Copy link

@dwillemv dwillemv commented Oct 2, 2019

I see. I forgot about the third / meaning the part after that is treated as a path, so that wasn't a valid example.
My issue is with the assumption that any hostname that is not an IP will end with a port number.

"http://host:sub" doesn't parse either. I couldn't find if the RFC3986 mandates that the second part of any host string must be a port, but if it is I'll have to live with it. If it isn't I would prefer that the behavior of parse gets relaxed and just return the entire host name string as is.

@FiloSottile
Copy link
Contributor

@FiloSottile FiloSottile commented Oct 2, 2019

If there is a colon in the authority, the part after it is a port, and ports can only be digits.

  authority   = [ userinfo "@" ] host [ ":" port ]
  port        = *DIGIT

https://tools.ietf.org/html/rfc3986#section-3.2

(Of course, the port is optional, but if there is a colon there is a port, by the syntax.)

@rsc rsc modified the milestones: Go1.14, Backlog Oct 9, 2019
kph added a commit to platinasystems/golang-1.14 that referenced this issue Jun 5, 2020
golang-1.14 (1.14~beta1-1) unstable; urgency=medium

  * New upstream major version.

golang-1.13 (1.13.5-1) unstable; urgency=medium

  * New upstream version 1.13.5

golang-1.13 (1.13.4-1) unstable; urgency=medium

  * New upstream version 1.13.4
    - Refresh patches

golang-1.13 (1.13.3-1) unstable; urgency=medium

  * New upstream version 1.13.3
    - Refresh patch
    - crypto/dsa: invalid public key causes panic in dsa.Verify.
      Fixes CVE-2019-17596. Closes: #942628
  * Update Standards-Version to 4.4.1, no changes needed

golang-1.13 (1.13.1-1) unstable; urgency=medium

  * New upstream version 1.13.1
    - net/textproto: don't normalize headers with spaces before the colon.
      Fixes CVE-2019-16276. See golang/go#34541
      and Debian bug #941173

golang-1.13 (1.13-1) unstable; urgency=medium

  * New upstream version 1.13
    - Refresh patch
  * Set pristine-tar for gbp to False

golang-1.13 (1.13~rc2-1) unstable; urgency=medium

  * New upstream version 1.13~rc2
    - Remove patch for CVE-2019-9512 and CVE-2019-9514,
      has been applied upstream

golang-1.13 (1.13~rc1-2) unstable; urgency=medium

  * Exclude testdata from dh_makeshlibs.
    Otherwise, the build fails at least on armel and armhf.
  * Apply changes from cme fix dpkg
  * Set Rules-Requires-Root: no

golang-1.13 (1.13~rc1-1) unstable; urgency=medium

  * New upstream version 1.13~rc1
    - Remove patch for CVE-2019-14809, has been applied upstream
  * Use dh_missing instead of deprecated dh_install --fail-missing
  * Do not run dh_dwz, there is no debugging information
  * Use debhelper-compat (= 12)

golang-1.13 (1.13~beta1-3) unstable; urgency=high

  * Fix Denial of Service vulnerabilities in the HTTP/2 implementation.
    golang/go#33631
    CVE-2019-9512, CVE-2019-9514. Closes: #934955
  * Fix multiple Parsing Issues in URL.Parse
    golang/go#29098
    CVE-2019-14809. Closes: #934954

golang-1.13 (1.13~beta1-2) unstable; urgency=medium

  * Set GOCACHE to fix a FTBFS. (See bug #933958)

golang-1.13 (1.13~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Remove Reproducible-BUILD_PATH_PREFIX_MAP.patch.
      This patch is finally no longer needed with Go 1.13.
      Upstream has implemented a new flag "-trimpath" for the
      command "go build" which either strips the path or
      replaces it in the resulting binaries.
      References:
      golang/go#16860
      https://go-review.googlesource.com/c/go/+/173345/
      https://go-review.googlesource.com/c/go/+/173344/
    - Remove arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch.
      This patch has been cherry-picked from upstream and is now included.
    - Refresh remaining patches
    - Fix lintian warning: make scripts executable
  * Switch to debhelper-compat, but stay at v11 for now

golang-1.12 (1.12.7-1) unstable; urgency=medium

  * New upstream version 1.12.7
    - Refresh patches
  * Update Standards-Version to 4.4.0, no changes needed

golang-1.12 (1.12.5-1) unstable; urgency=medium

  * New upstream version 1.12.5

golang-1.12 (1.12.4-1) unstable; urgency=medium

  [ Anthony Fok ]
  * Add /usr/lib/go-X.Y/{api,misc} symlinks.
    For example, programs such as https://github.com/vugu/vugu and
    documentation such as https://github.com/golang/go/wiki/WebAssembly
    expect to find wasm_exec.js at "$(go env GOROOT)/misc/wasm/wasm_exec.js".

  [ Dr. Tobias Quathamer ]
  * New upstream version 1.12.4
  * Add five lintian overrides for false positives

golang-1.12 (1.12.1-1) unstable; urgency=medium

  * New upstream version 1.12.1
  * Use upstream signing key for tarball verification

golang-1.12 (1.12-1) unstable; urgency=medium

  * New upstream version 1.12
    - Remove patch 0005-Fix-CVE-2019-6486, applied upstream

golang-1.12 (1.12~beta2-2) unstable; urgency=medium

  * Refresh patch Reproducible BUILD_PATH_PREFIX_MAP.
    Thanks to Michael Stapelberg!
  * Add patch to fix CVE-2019-6486. (Closes: #920548)

golang-1.12 (1.12~beta2-1) unstable; urgency=medium

  * New upstream version 1.12~beta2
    - Remove two patches, applied upstream. Refresh remaining patch.

golang-1.12 (1.12~beta1-4) unstable; urgency=medium

  * Switch watch file to version 4
  * Update d/copyright

golang-1.12 (1.12~beta1-3) unstable; urgency=medium

  [ Anthony Fok ]
  * Add patch "unix: fix Fstatat by using fillStat_t on linux/mips64x"
    This fixes the "Fstatat: returned stat does not match Stat/Lstat"
    errors detected by TestFstatat.
    See https://go-review.googlesource.com/c/sys/+/155747

  [ Dr. Tobias Quathamer ]
  * Add another lintian override

golang-1.12 (1.12~beta1-2) unstable; urgency=medium

  [ Anthony Fok ]
  * Add patch "cmd/compile: fix MIPS SGTconst-with-shift rules"
    by Cherry Zhang.  This fixes the root problem behind the
    "slice bounds out of range" build error seen in 1.11.4
    on mips and mipsel architectures.
    See https://go-review.googlesource.com/c/go/+/155798
  * Bump Standards-Version to 4.3.0 (no change)

  [ Dr. Tobias Quathamer ]
  * Do not compress favicon.ico.
    Thanks to Dato Simó <dato@debian.org> (Closes: #917132)

golang-1.12 (1.12~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Refresh patches
    - Add new patch to disable test for UserHomeDir
  * Switch team address to tracker.d.o
  * Add another lintian override for a false positive

golang-1.11 (1.11.4-1) unstable; urgency=medium

  * New upstream version 1.11.4
  * Make lintian override agnostic of golang version

golang-1.11 (1.11.3-1) unstable; urgency=medium

  * New upstream version 1.11.3
    - Refresh patches
  * Update gbp.conf to new style syntax
  * Suggest brz as alternative to bzr; it provides the same command-line API.
  * Add myself to Uploaders

golang-1.11 (1.11.2-2) unstable; urgency=medium

  * d/patches/arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch:
    backport workaround for objdump's support of newer mnemonics on arm64.

golang-1.11 (1.11.2-1) unstable; urgency=medium

  * Team upload.

  [ Michael Hudson-Doyle ]
  * New upstream major version.
  * Update debhelper compat level to 11.
  * Remove GOCACHE files after running tests.
  * Stop dh_strip_nondeterminism from looking at testdata directories.

  [ Dr. Tobias Quathamer ]
  * Build-Depend on debhelper v11
  * Override two false positive Lintian errors (missing depends
    on sensible-utils)
  * Add Lintian overrides for testdata
  * Include /usr/share/dpkg/architecture.mk for DEB_HOST_ARCH
  * Refresh patch for new upstream version
  * Fix Lintian warnings about wrong interpreter path
  * Make two scripts executable which have been missed by upstream
  * Remove three unneeded lintian overrides
  * Use HTTPS URL for d/watch
  * Update to Standards-Version 4.2.1
    - Use HTTPS for d/copyright
  * Update d/copyright

golang-1.10 (1.10.3-1) unstable; urgency=medium

  * New upstream version 1.10.3
  * Restore changelog entry for 1.10.1-3, and fix that for 1.10.2-1, oops.

golang-1.10 (1.10.2-1) unstable; urgency=medium

  * New upstream version 1.10.2.
    - d/patches/0003-Backport_nopie_fix.patch: removed, now included upstream.
    - d/patches/0004-Backport_mips_octeon3_fp_fix.patch: removed, also included
      upstream.

golang-1.10 (1.10.1-3) unstable; urgency=high

  * Team upload.

  [ Michael Hudson-Doyle ]
  * Install the 'misc' and 'api' directories as part of the golang-1.10-src
    package as some tools (vgo, go tool trace) expect them to be there.
    (Closes: 894992¸ LP: #1743598)

  [ Martín Ferrari ]
  * Backport fix for FP bug in mips/Octeon III. Closes: #892088. Raising
    severity.

golang-1.10 (1.10.1-2) unstable; urgency=medium

  * Team upload.
  * Backport patch that fixes FTBFS in arm64.
  * debian/copyright: Update attribution.
  * debian/source: Update lintian-overrides.

golang-1.10 (1.10.1-1) unstable; urgency=medium

  * New upstream version 1.10.1.
  * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: update patch tags
    to reference upstream discussion of this topic.
  * d/control, d/control.in: Update Vcs-* to point to salsa.

golang-1.10 (1.10-1) unstable; urgency=medium

  * New upstream version 1.10

golang-1.10 (1.10~rc2-1) unstable; urgency=medium

  * New upstream version, fixing CVE-2018-6574.
  * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch,
    d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch,
    d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
    removed, now included upstream.

golang-1.10 (1.10~rc1-2) unstable; urgency=medium

  * d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
    Backport from upstream to fix build issues on armhf (causes ftbfs on
    Ubuntu but not Debian for some reason, but could produce broken binaries
    on Debian too).

golang-1.10 (1.10~rc1-1) unstable; urgency=medium

  * New upstream version 1.10~rc1.
  * d/patches/0004-cmd-dist-use-buildmode-pie-for-pie-testing.patch,
    d/patches/0006-misc-cgo-testcarchive-use-no-pie-where-needed.patch,
    d/patches/0003-Do-not-use-SP-as-index-reg.patch: removed, included upstream.
  * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: refreshed.
  * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch:
    Add to fix test failure in chroot.
  * d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch:
    Add to fix test failure when $HOME is not writable.
  * d/rules: Set GOCACHE to "off" during build to avoid shipping cache files.

golang-1.9 (1.9.2-4) unstable; urgency=medium

  * Enable building on mips, mipsel and mips64. (Closes: 879764)

golang-1.9 (1.9.2-3) unstable; urgency=medium

  * Remove workaround for now fixed debhelper bug #879762
  * Backport three patches from upstream to fix ftbfs on ppc64el with new kernel.

golang-1.9 (1.9.2-2) unstable; urgency=medium

  [ Martín Ferrari ]
  * Add debian/patches/0003-Do-not-use-SP-as-index-reg.patch (Closes: #877541)

golang-1.9 (1.9.2-1) unstable; urgency=medium

  * New upstream version 1.9.2
  * Work around debhelper bug #879762

golang-1.9 (1.9.1-2) unstable; urgency=medium

  * Update debian/copyright (Closes: #873740)

golang-1.9 (1.9.1-1) unstable; urgency=medium

  * New upstream release.
  * Use my @debian.org address in Uploaders.

golang-1.9 (1.9-1) unstable; urgency=medium

  [ Michael Hudson-Doyle ]
  * New upstream release.
  * Suppress some new lintian errors in golang-1.9-src.

  [ Michael Stapelberg ]
  * Add debian/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch

golang-1.8 (1.8.3-1) unstable; urgency=medium

  * New upstream release. (Closes: 863292, 863307)

golang-1.8 (1.8.1-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~rc3-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~rc2-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~rc1-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~beta2-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~beta1-1) unstable; urgency=medium

  * New upstream release.
  * Remove d/patches/cl-29995--tzdata-2016g.patch, included upstream.

golang-1.7 (1.7.4-1) unstable; urgency=medium

  * Update to 1.7.4 upstream release (Closes: #846545)
    - https://groups.google.com/d/topic/golang-announce/2lP5z9i9ySY/discussion
    - https://golang.org/issue/17965 (potential DoS vector in net/http)
    - golang/go@go1.7.3...go1.7.4

golang-1.7 (1.7.3-1) unstable; urgency=medium

  * New upstream release.
  * Delete d/patches/cl-28850.patch, applied upstream.

golang-1.7 (1.7.1-3) unstable; urgency=medium

  * Backport CL 29995 for tzdata 2016g changes (Closes: #839317)

golang-1.7 (1.7.1-2) unstable; urgency=medium

  * Add upstream patch for s390x FTBFS

golang-1.7 (1.7.1-1) unstable; urgency=medium

  * New upstream release.
  * Re-enable tests on s390x now that gcc-6 has been fixed in unstable.

golang-1.7 (1.7-3) unstable; urgency=medium

  * Add "s390x" to Architectures

golang-1.7 (1.7-2) unstable; urgency=medium

  * Disable tests on armel.

golang-1.7 (1.7-1) unstable; urgency=medium

  * New upstream release.

golang-1.7 (1.7~rc4-1) unstable; urgency=medium

  * New upstream release.

golang-1.7 (1.7~rc3-1) unstable; urgency=medium

  [ Tianon Gravi ]
  * Remove outdated README files (README.source and README.Debian)

  [ Michael Hudson-Doyle ]
  * New upstream release.
  * Suppress inaccurate source-is-missing lintian warnings.
  * Update Standards-Version to 3.9.8 (no changes required).

golang-1.7 (1.7~rc2-1) unstable; urgency=medium

  * Update to 1.7rc2 upstream release.

golang-1.7 (1.7~rc1-1) unstable; urgency=medium

  [ Paul Tagliamonte ]
  * Use a secure transport for the Vcs-Git and Vcs-Browser URL

  [ Tianon Gravi ]
  * Update to 1.7rc1 upstream release (new packages, not used by default; see
    also src:golang-defaults)
  * Update Vcs-Git to reference a particular branch

golang-1.6 (1.6.2-2) unstable; urgency=medium

  * Update "golang-any" in "Build-Depends" to fallback to "golang-go | gccgo"
    (will help with backporting)

golang-1.6 (1.6.2-1) unstable; urgency=medium

  * Update to 1.6.2 upstream release (Closes: #825696)
  * Build-Depend on golang-any instead of golang-go (Closes: #824421)

golang-1.6 (1.6.1-1) unstable; urgency=medium

  * Build golang version-specific packages (Closes: #818415)
  * Things that (conceptually at least) move to new golang version independent
    golang-defaults source package:
    - Man pages.
    - Suggesting golang-golang-x-tools.
    - Breaks/Replace-ing of old golang-go-$GOOS-$GOARCH packages.
  * Stop using alternatives to manage /usr/bin/go.
  * sed trickery in debian/rules to support easy changes to new golang versions.

golang (2:1.6.1-2) unstable; urgency=medium

  * Don't strip testdata files, causes build failures on some platforms.

golang (2:1.6.1-1) unstable; urgency=medium

  [ Michael Hudson-Doyle ]
  * Breaks/Replaces: older golang-golang-x-tools, not Conflicts, to ensure
    smooth upgrades.
  * Strip the binaries as it has worked for the last five years or so and
    upstream sees no reason to disable it.

  [ Tianon Gravi ]
  * Update to 1.6.1 upstream release (Closes: #820369)
    - Fix CVE-2016-3959: infinite loop in several big integer routines

golang (2:1.6-1) unstable; urgency=medium

  * Update to 1.6 upstream release (thanks Hilko!)
    - change "ar" arguments to quiet spurious warnings while using gccgo
      (Closes: #807138)
    - skip multicast listen test (Closes: #814849)
    - skip userns tests when chrooted (Closes: #807303)
    - use correct ELF header for armhf binaries (Closes: #734357)
    - Update debian/rules clean for new location of generated file.

  [ Michael Hudson-Doyle ]
  * Respect "nocheck" in DEB_BUILD_OPTIONS while building to skip tests
    (Closes: #807290)
  * Trim Build-Depends (Closes: #807299)
  * Fix several minor debian/copyright issues (Closes: #807304)
  * Remove inconsistently included race-built packages (Closes: #807294)

  [ Tianon Gravi ]
  * Add "-k" to "run.bash" invocation so that we do a full test run every time

golang (2:1.5.3-1) unstable; urgency=high

  * Update to 1.5.3 upstream release
    - Fix CVE-2015-8618: Carry propagation in Int.Exp Montgomery code in
      math/big library (Closes: #809168)
  * Add "Breaks" to properly complement our "Replaces" (Closes: #810595)

golang (2:1.5.2-1) unstable; urgency=medium

  * Update to 1.5.2 upstream release (Closes: #807136)

golang (2:1.5.1-4) unstable; urgency=medium

  * Add Conflicts to force newer golang-go.tools too (Closes: #803559)

golang (2:1.5.1-3) unstable; urgency=medium

  * Remove architecture qualification on golang-go Build-Depend now that
    golang-go is available for more architectures.

golang (2:1.5.1-2) unstable; urgency=medium

  * Add Conflicts to force newer golang-golang-x-tools (Closes: #802945).

golang (2:1.5.1-1) unstable; urgency=medium

  * Upload to unstable.
  * Update to 1.5.1 upstream release (see notes from experimental uploads for
    what's changed).
  * Skip tests on architectures where the tests fail.

golang (2:1.4.3-3) unstable; urgency=medium

  * Fix FTBFS for non-amd64 architectures due to handling of "-race".

golang (2:1.5.1-1~exp2) experimental; urgency=medium

  * Upload to experimental.
  * Add arch-qualifiers to "golang-go" build-depends to unblock the buildds
    (Closes: #800479); thanks Tim!

golang (2:1.4.3-2) unstable; urgency=medium

  * Update Recommends/Suggests, especially to add gcc, etc.
  * Refactor "debian/rules" to utilize debhelper more effectively, especially
    for arch vs indep building (mostly backported from the 1.5+ changes), which
    fixes the "arch:all" FTBFS.

golang (2:1.5.1-1~exp1) experimental; urgency=low

  * Upload to experimental.
  * Update to 1.5.1 upstream release (Closes: #796150).
    - Compiler and runtime written entirely in Go.
    - Concurrent garbage collector.
    - GOMAXPROCS=runtime.NumCPU() by default.
    - "internal" packages for all, not just core.
    - Experimental "vendoring" support.
    - Cross-compilation no longer requires a complete rebuild of the stdlib in
      GOROOT, and thus the golang-go-GOHOST-GOARCH packages are removed.
  * Sync debian/copyright with the Ubuntu delta. (thanks doko!)
  * Remove patches that no longer apply.
  * Add more supported arches to "debian/rules" code for detecting
    appropriate GOARCH/GOHOSTARCH values; thanks mwhudson and tpot!
    (Closes: #799907)
  * Refactor "debian/rules" to utilize debhelper more effectively, especially
    for arch vs indep building.
  * Move "dpkg-architecture" to "GOOS"/"GOARCH" code into a simple shell script
    for easier maintenance.

golang (2:1.4.3-1) unstable; urgency=medium

  * New upstream version (https://golang.org/doc/devel/release.html#go1.4.minor)
    - includes previous CVE and non-CVE security fixes, especially
      TEMP-0000000-1C4729

golang (2:1.4.2-4) unstable; urgency=high

  * Apply backported CVE fixes (Closes: #795106).
    - CVE-2015-5739: Invalid headers are parsed as valid headers
    - CVE-2015-5740: RFC 7230 3.3.3 4 violation
    - CVE-2015-5741: other discoveries of security-relevant RFC 7230 violations

golang (2:1.4.2-3) unstable; urgency=medium

  * Add missing "prerm" for our new alternatives (thanks piuparts).

golang (2:1.4.2-2) unstable; urgency=medium

  * Move "go" and "gofmt" into "/usr/lib/go" and use alternatives to provide
    appropriate symlinks (Closes: #779503, #782301).
  * Relax "golang-go.tools" relationship to Suggests (from Recommends).
  * Add "go get" VCS options to Suggests for golang-go (bzr, git, mercurial,
    subversion).

golang (2:1.4.2-1) unstable; urgency=medium

  * New upstream version
    (https://golang.org/doc/devel/release.html#go1.4.minor)

golang (2:1.4.1-1~exp1) experimental; urgency=low

  * New upstream version (https://golang.org/doc/go1.4)
    - all editor support files have been removed from misc/ upstream upstream,
      so golang-mode, kate-syntax-go, and vim-syntax-go can no longer be
      provided; see https://github.com/golang/go/wiki/IDEsAndTextEditorPlugins
      for an upstream-maintained list of potential replacements

golang (2:1.3.3-1) unstable; urgency=medium

  * New upstream version (https://code.google.com/p/go/source/list?name=go1.3.3)
    - time: removed from tests now obsolete assumption about Australian tz
      abbreviations
    - net: temporarily skip TestAcceptIgnoreSomeErrors
    - runtime: hide cgocallback_gofunc calling cgocallbackg from linker
    - runtime: fix GOTRACEBACK reading on Windows, Plan 9
    - nacltest.bash: unset GOROOT
    - cmd/5l, cmd/6l, cmd/8l: fix nacl binary corruption bug
  * Add Paul and myself as uploaders. Many, many thanks to Michael for his work
    so far on this package (and hopefully more to come).

golang (2:1.3.2-1) unstable; urgency=medium

  * New upstream version

golang (2:1.3.1-1) unstable; urgency=medium

  * New upstream version

golang (2:1.3-4) unstable; urgency=medium

  [ Tianon Gravi ]
  * update debian/watch for upstream's latest move (Closes: #756415)
  * backport archive/tar patch to fix PAX headers (Closes: #756416)

golang (2:1.3-3) unstable; urgency=medium

  * don’t depend on emacs23, depend on emacs instead (Closes: #754013)
  * install include/ in golang-src, VERSION in golang-go (Closes: #693186)

golang (2:1.3-2) unstable; urgency=medium

  * Add /usr/lib/go/test symlink
  * Build with GO386=387 to favor the 387 floating point unit over sse2
    instructions (Closes: #753160)
  * Add debian/patches/0001-backport-delete-whole-line.patch to fix a
    deprecation warning about flet in the emacs part of golang-mode
    (Closes: #753607)
  * Migrate to emacsen >2 (Closes: #753607)
  * Backport two patches to improve archive/tar performance (for docker):
    debian/patches/0002-archive-tar-reuse-temporary-buffer-in-writeHeader.patch
    debian/patches/0003-archive-tar-reuse-temporary-buffer-in-readHeader.patch

golang (2:1.3-1) unstable; urgency=medium

  * New upstream version.
  * Drop patches merged upstream:
    - debian/patches/add-tar-xattr-support.patch
    - debian/patches/add-tar-xattr-support.patch
  * Fix debian/watch (Thanks Tianon) (Closes: #748290)
  * Remove dangling symlink /usr/lib/go/lib/godoc (Closes: #747968)

golang (2:1.2.1-2) unstable; urgency=low

  * Re-apply debian/patches/add-tar-xattr-support.patch which got lost when
    uploading 1.2.1-1; sorry about that.

golang (2:1.2.1-1) unstable; urgency=low

  * New upstream release.

golang (2:1.2-3) unstable; urgency=low

  * add debian/patches/add-tar-xattr-support.patch to have xattr support in
    tar (cherry-picked from upstream) (Thanks proppy) (Closes: #739586)

golang (2:1.2-2) unstable; urgency=low

  * add patches/add-src-pkg-debug-elf-testdata-hello.patch to provide source
    for the testdata/ ELF binaries (Closes: #716853)

golang (2:1.2-1) unstable; urgency=low

  * New upstream release.
  * drop patches/archive-tar-fix-links-and-pax.patch, it is merged upstream
  * godoc(1) is now in the Debian package golang-go.tools, it was moved into a
    separate repository by upstream.
  * move patches/godoc-symlinks.diff to golang-go.tools

golang (2:1.1.2-3) unstable; urgency=low

  * cherry-pick upstream commit: archive-tar-fix-links-and-pax.patch
    (Closes: #730566)

golang (2:1.1.2-2) unstable; urgency=low

  * Build golang-go-linux-* for each architecture (Thanks James Page)
    (Closes: #719611)
  * Update lintian-overrides to override statically-linked-binary and
    unstripped-binary-or-object for all of golang-go

golang (2:1.1.2-1) unstable; urgency=low

  * New upstream release.
  * Relicense debian/ under the Go license to match upstream. All copyright
    holders agreed to this. (Closes: #716907)
  * golang-mode: don’t install for a number of emacs versions which are not
    supported upstream (Thanks Kevin Ryde) (Closes: #702511, #717521)

golang (2:1.1.1-4) unstable; urgency=low

  * Disable stripping, it breaks go binaries on some architectures. This drops
    the golang-dbg package which would be empty now. (Thanks Robie Basak)
    (Closes: #717172)

golang (2:1.1.1-3) unstable; urgency=low

  * Ship */runtime/cgo.a in golang-go to ensure it is present. It can only be
    used on the native architecture anyway (cannot be used when
    cross-compiling), so having it in golang-go-$GOOS-$GOARCH is not
    necessary. Even worse, since these packages are arch: all, they will be
    built precisely once, and only the runtime/cgo.a for the buildd’s native
    arch will be present. (Closes: #715025)

golang (2:1.1.1-2) unstable; urgency=low

  [ James Page ]
  * Ensure smooth upgrade path from << 2:1.1-2 (Closes: #714838)

golang (2:1.1.1-1) unstable; urgency=low

  * Imported Upstream version 1.1.1

golang (2:1.1-2) unstable; urgency=low

  [ Ondřej Surý ]
  * Promote Michael to Maintainer

  [ Michael Stapelberg ]
  * Build golang-go-$GOOS-$GOARCH packages for cross-compiling (Closes: #710090)
  * Build race detector on linux/amd64 (only supported arch) (Closes: #710691)
  * Switch compression to xz (50% smaller binaries)

golang (2:1.1-1) unstable; urgency=low

  * New upstream release: Go 1.1!
  * Remove the long obsolete goinstall debconf question and config file.
    goinstall does not exist anymore since a long time.
    This also obsoletes the need for any translations
    (Closes: #685923, #692478)
  * Emacs go-mode auto-mode-alist entry was fixed upstream (Closes: #670371)

golang (2:1.1~hg20130405-1) experimental; urgency=low

  * Provide a new hg tip snapshot. This includes what was recently released as
    Go 1.1 beta.

golang (2:1.1~hg20130323-1) experimental; urgency=low

  * Provide a new hg tip snapshot.
  * Add debian/watch (Closes: #699698)

golang (2:1.1~hg20130304-2) experimental; urgency=low

  * Fix FTBFS of binary-arch only builds (as performed by buildds)
    caused by 'rm' not finding jquery.js in golang-doc
    (Thanks Peter Green)

golang (2:1.1~hg20130304-1) experimental; urgency=low

  * Provide a hg tip snapshot (2013-03-04) in Debian experimental.
    Current hg tip is a good approximation to Go 1.1 and should get
    some testing within Debian in order to package Go 1.1 well when
    it is released. Thanks to Andrew Gerrand.

golang (2:1.0.2-2) unstable; urgency=low

  * Add myself to uploaders, as discussed in #683421.
  * cherry-pick r820ffde8c396 (net/http: non-keepalive connections close
    successfully) (Closes: #683421)

golang (2:1.0.2-1.1) unstable; urgency=low

  * Non-maintainer upload. (as discussed with Ondřej in #679692)
  * Fix godoc-symlinks.diff (godoc didn’t find docs) (Closes: #679692)

golang (2:1.0.2-1) unstable; urgency=low

  [ Ondřej Surý ]
  * Imported Upstream version 1.0.2
  * Update Vcs fields to reflect new git repository location
  * Kill get-orig-source, since 1.0.0, the tarballs can be downloaded from
    webpage

  [ Michael Stapelberg ]
  * golang-mode: use debian-pkg-add-load-path-item (Closes: #664802)
  * add manpages (Closes: #632964)
  * Use updated pt.po from Pedro Ribeiro (Closes: #674958)

golang (2:1.0.1-1) unstable; urgency=low

  * Imported Upstream version 1.0.1
  * Apply godoc patch to display package list correctly (Closes: #669354)

golang (2:1-6) unstable; urgency=low

  * Merge upstream patch to fix homedir issue
    (http://code.google.com/p/go/source/detail?r=709120aecee0)
  * Disable GNU/KFreeBSD build (Closes: #668794)

golang (2:1-5) unstable; urgency=low

  * Rewrite test conditions to make them more readable
    (and fix the debian/rules to really not check on armel+kfreebsd)
  * Patch upstream test to not fail on missing home directory

golang (2:1-4) unstable; urgency=low

  * Disable tests on Debian GNU/KFreeBSD, they just hang now (Closes: #668794)
  * Disable tests on armel, but the invalid instruction needs fixing in
    upstream
  * Create fake home directory to pass the os/user test

golang (2:1-3) unstable; urgency=high

  * Use VERSION provided by upstream for packaging purposes
  * Run tests as a part of a build process
  * Install full src tree (except pkg/debug) because go command depend
    on sources available
  * Install sources without testdata and *_test.go
  * Remove circular dependency golang-go->golang-doc->golang-go
  * Make sure that timestamp on installed binaries and libraries is same
    because go build/install recompiles everything if the go binary has
    more recent timestamp than libraries (Closes: #668235)
    + Need to update timestamps at postinst time because already created
      directories can have time in the past
  * Fix couple of lintian errors and warnings

golang (2:1-2) unstable; urgency=low

  * Remove preserving of old -tools settings, there are too many options
    now anyway (Closes: #666007)

golang (2:1-1) unstable; urgency=low

  * New major upstream release Go 1 (Closes: #666942)
  * Bumb epoch to 2, since 1 < 60 < 2011 (I wonder if next version will be 0 :)
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. (Closes: #663181)
  * [Debconf translation updates]
    + Pick existing translations from golang-weekly and do appropriate
      sed magic to fit golang templates. (Closes: #666884, #666880, #666881)
    + Dutch; (Jeroen Schot).  (Closes: #664598)
    + Czech (Michal Simunek).  (Closes: #665385)
    + Spanish; (Camaleón).  (Closes: #666177)
    + Danish (Joe Hansen).  (Closes: #666526)

golang (1:60.3-2) unstable; urgency=low

  * debconf-gettextize package templates

golang (1:60.3-1) unstable; urgency=low

  * Imported Upstream version 60.3

golang (1:60.2-1) unstable; urgency=low

  * Imported Upstream version 60.2

golang (1:60.1-1) unstable; urgency=low

  * Imported Upstream version 60.1

golang (1:60-1) unstable; urgency=low

  * Imported Upstream version 60
  * Save upstream VERSION to the archive
  * Use GOVERSION as generated by src/version.bash on hg archive time
  * Add support for goinstall dashboard debconf question in the Debian
    packaging
  * Read goinstall dashboard option from debian configuration file
  * Remove 005-goinstall_dont_call_home_by_default.patch; replaced by
    configuration option
  * Fix directory name for upstream archive checkout

golang (1:59-1) unstable; urgency=low

  * Imported Upstream version 59
  * Refresh patches to a new release
  * Fix FTBFS on ARM (Closes: #634270)
  * Update version.bash to work with Debian packaging and not hg
    repository

golang (1:58.1-2) unstable; urgency=low

  * Install golang-doc package by default (Recommends from golang-tools,
    Depends from golang)

golang (1:58.1-1) unstable; urgency=low

  * Imported Upstream version 58.1

golang (1:58-1) unstable; urgency=low

  * Imported Upstream version 58
    + Add NEWS file with upstream API changes
  * Remove patch to not update standard package, fixed in upstream

golang (1:57.2-1) unstable; urgency=low

  * Imported Upstream version 57.2
  * More spelling fixes (Closes: #630660)

golang (1:57.1-4) unstable; urgency=low

  * Description update to have proper articles and capitalization
    (Closes: #630189)
  * Add extended description about Go being experimental and that the
    languager can change between releases

golang (1:57.1-3) unstable; urgency=low

  * Fix "the Google's Go implementation" in extended description
    (Closes: #627814)
  * Update Vcs-* links
  * Install vim ftplugin files into correct directory (Closes: #629844)

golang (1:57.1-2) unstable; urgency=low

  * Bump standards version to 3.9.2
  * Capitalize Kate (Closes: #627036)
  * Import slightly modified patch to be more clear about $GOPATH
    installs for non-root users
  * Remove don't install deps patch from goinstall; deprecated by
    $GOPATH installs

golang (1:57.1-1) unstable; urgency=low

  * Add support for dot-minor releases
  * Imported Upstream version 57.1

golang (1:57-3) unstable; urgency=low

  [ Florian Weimer ]
  * golang-tools: install gofix binary

  [ Ondřej Surý ]
  * Add lintian-overrides for gofix binary

golang (1:57-2) unstable; urgency=low

  * Remove weekly code from debian/rules
  * Add golang meta-package
  * Don't create tool chain symlinks twice
  * Make debian/rules more generic for simpler sync between weekly
    and release branches

golang (1:57-1) unstable; urgency=low

  * Imported Upstream version r57
  * Bumped epoch version to 1, to convert from date based versions
    to release number based version
  * Allow release to migrate to testing (Closes: #624408)
  * Add kate and vim syntax highlighting (Closes: #624544)
  * Add -dbg package with debugging symbols

golang (2011.04.27-2) unstable; urgency=low

  * Fix yet another build failure on kfreebsd (use linux userspace)

golang (2011.04.27-1) unstable; urgency=low

  * Imported Upstream version 2011.04.27
  * Update debian/rules to allow pulling weekly upstream releases
  * Don't remove RUNPATH from binaries; fixed upstream (golang#1527)
  * Set GOHOSTOS and GOHOSTARCH to match dpkg-architecture variables
  * Add support for kfreebsd-i386, kfreebsd-amd64, armel and armhf
    architectures
    + 006-fix_kfreebsd_build.patch:
      - Add GNU/KFreeBSD support by replacing all uname calls by $(GOOS)
    + 007-use_native_dynamic_linker_on_kfreebsd.patch:
      - Use native kfreebsd dynamic linker (/lib/ld-*.so.1)
  * Add information about available architectures (Closes: #623877)
  * Don't strip gotest
  * Add Depends: golang-go to golang-tools
  * Add better support for armhf

golang (2011.04.13-1) unstable; urgency=low

  [ Florian Weimer ]
  * Delete bin directory in clean target
  * Enable parallel build
  * golang-src: install source files directly
  * Use proper symlink targets for architecture-independent toolchain
    names
  * Emacs mode: indent keys in struct literals properly

  [ Ondřej Surý ]
  * Imported Upstream weekly version 2011.04.13
  * Update patches to new weekly release
  * Add lintian-override for gotest binary

golang (2011.03.07.1-1) unstable; urgency=low

  * Imported Upstream version 2011.03.07.1
  * Install to /usr/lib/go
  * Remove xkcd strip to get rid of CC-NC-BY
  * Update golang-src.install to new upstream
  * Remove 002-use_GOROOT_FINAL_in_generated_binaries.patch; merged
    upstream
  * Make all .go files no-executable
  * Update lintian-overrides to include both types of syntax

golang (2011.02.15-2) unstable; urgency=low

  [ Ondřej Surý ]
  * Add ${misc:Depends} to golang-mode to shutup lintian
  * Rehaul build system and add golang-src package with .go source files
  * goinstall: do not automatically install prerequisities
  * goinstall: don't report to dashboard by default
  * Add a README.Debian about local modifications to goinstall
  * Add warning about local modifications also directly to goinstall command

  [ Florian Weimer ]
  * Fix syntax error in 004-
    dont_reinstall_dependencies_in_goinstall.patch

golang (2011.02.15-1) unstable; urgency=low

  [ Obey Arthur Liu ]
  * Added pkg-google git repo to control file

  [ Florian Weimer ]
  * Build golang-mode package

  [ Ondřej Surý ]
  * Imported Upstream version 2011.02.15
  * Don't compress godoc documentation
  * Correctly use $GOROOT_FINAL in the build chain
  * Remove RPATH/RUNPATH from go binaries

golang (2011.02.01.1-1) unstable; urgency=low

  [ Ivan Wong ]
  * Initial release (Closes: #574371)

  [ Jonathan Nieder ]
  * Fill out copyright file
  * Rewrite debian/rules using dh driver
  * debian: fix get-orig-source rule
  * debian: do not install extra files on repeated build
  * debian: fix reversed ‘if’
  * debian: do not leave around stale debian/env.sh+ file
  * debian: Build-Depends on awk instead of gawk
  * debian: add run-time dependency on perl
  * debian: add build-time dependency on perl
  * debian: fix setting of GOARM on arm
  * debian: do not compress files in web page
  * debian: install favicon

  [ Ondřej Surý ]
  * Make myself a maintainer
  * Add patch to allow IPv4 on IPv6 sockets (Courtesy of Florian Weimer)
  * Use GOROOT_FINAL and change GOBIN to /usr/bin
  * Get rid of env.sh and wrappers
  * Add support for building in i386 pbuilder on amd64 architecture
  * Rename source package to golang to match upstream repository name
  * Add golang-doc package
  * Split package into compiler, docs and tools
  * Don't install quietgcc and hgpatch
  * Don't generate fake gomake
  * Update golang-doc package
  * Export GOHOSTARCH and GOHOSTOS
  * Disable build time checks
  * Fail on missed installed files
  * Revert s{tmp{golang-go{ change in DESTDIR
  * Relicence debian/ files from versionless GPL to GPL-3
  * Move golang-doc to doc section
  * Add more lintian overrides for Go binaries
  * Install all 6,8,5 variants of commands
  * Install golang-* symlinks for 6,8,5* commands
  * Don't strip govet as well
  * Remove ${shlibs:Depends} where it doesn't belong
  * Move more html files to golang-doc package
  * Remove codereview directory - some python code to deal with mercurial
kph added a commit to platinasystems/golang-1.14 that referenced this issue Jun 5, 2020
golang-1.14 (1.14~beta1-2) unstable; urgency=medium

  * Source-only upload.
  * Add two more lintian overrides for testdata

golang-1.14 (1.14~beta1-1) unstable; urgency=medium

  * New upstream major version.

golang-1.13 (1.13.5-1) unstable; urgency=medium

  * New upstream version 1.13.5

golang-1.13 (1.13.4-1) unstable; urgency=medium

  * New upstream version 1.13.4
    - Refresh patches

golang-1.13 (1.13.3-1) unstable; urgency=medium

  * New upstream version 1.13.3
    - Refresh patch
    - crypto/dsa: invalid public key causes panic in dsa.Verify.
      Fixes CVE-2019-17596. Closes: #942628
  * Update Standards-Version to 4.4.1, no changes needed

golang-1.13 (1.13.1-1) unstable; urgency=medium

  * New upstream version 1.13.1
    - net/textproto: don't normalize headers with spaces before the colon.
      Fixes CVE-2019-16276. See golang/go#34541
      and Debian bug #941173

golang-1.13 (1.13-1) unstable; urgency=medium

  * New upstream version 1.13
    - Refresh patch
  * Set pristine-tar for gbp to False

golang-1.13 (1.13~rc2-1) unstable; urgency=medium

  * New upstream version 1.13~rc2
    - Remove patch for CVE-2019-9512 and CVE-2019-9514,
      has been applied upstream

golang-1.13 (1.13~rc1-2) unstable; urgency=medium

  * Exclude testdata from dh_makeshlibs.
    Otherwise, the build fails at least on armel and armhf.
  * Apply changes from cme fix dpkg
  * Set Rules-Requires-Root: no

golang-1.13 (1.13~rc1-1) unstable; urgency=medium

  * New upstream version 1.13~rc1
    - Remove patch for CVE-2019-14809, has been applied upstream
  * Use dh_missing instead of deprecated dh_install --fail-missing
  * Do not run dh_dwz, there is no debugging information
  * Use debhelper-compat (= 12)

golang-1.13 (1.13~beta1-3) unstable; urgency=high

  * Fix Denial of Service vulnerabilities in the HTTP/2 implementation.
    golang/go#33631
    CVE-2019-9512, CVE-2019-9514. Closes: #934955
  * Fix multiple Parsing Issues in URL.Parse
    golang/go#29098
    CVE-2019-14809. Closes: #934954

golang-1.13 (1.13~beta1-2) unstable; urgency=medium

  * Set GOCACHE to fix a FTBFS. (See bug #933958)

golang-1.13 (1.13~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Remove Reproducible-BUILD_PATH_PREFIX_MAP.patch.
      This patch is finally no longer needed with Go 1.13.
      Upstream has implemented a new flag "-trimpath" for the
      command "go build" which either strips the path or
      replaces it in the resulting binaries.
      References:
      golang/go#16860
      https://go-review.googlesource.com/c/go/+/173345/
      https://go-review.googlesource.com/c/go/+/173344/
    - Remove arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch.
      This patch has been cherry-picked from upstream and is now included.
    - Refresh remaining patches
    - Fix lintian warning: make scripts executable
  * Switch to debhelper-compat, but stay at v11 for now

golang-1.12 (1.12.7-1) unstable; urgency=medium

  * New upstream version 1.12.7
    - Refresh patches
  * Update Standards-Version to 4.4.0, no changes needed

golang-1.12 (1.12.5-1) unstable; urgency=medium

  * New upstream version 1.12.5

golang-1.12 (1.12.4-1) unstable; urgency=medium

  [ Anthony Fok ]
  * Add /usr/lib/go-X.Y/{api,misc} symlinks.
    For example, programs such as https://github.com/vugu/vugu and
    documentation such as https://github.com/golang/go/wiki/WebAssembly
    expect to find wasm_exec.js at "$(go env GOROOT)/misc/wasm/wasm_exec.js".

  [ Dr. Tobias Quathamer ]
  * New upstream version 1.12.4
  * Add five lintian overrides for false positives

golang-1.12 (1.12.1-1) unstable; urgency=medium

  * New upstream version 1.12.1
  * Use upstream signing key for tarball verification

golang-1.12 (1.12-1) unstable; urgency=medium

  * New upstream version 1.12
    - Remove patch 0005-Fix-CVE-2019-6486, applied upstream

golang-1.12 (1.12~beta2-2) unstable; urgency=medium

  * Refresh patch Reproducible BUILD_PATH_PREFIX_MAP.
    Thanks to Michael Stapelberg!
  * Add patch to fix CVE-2019-6486. (Closes: #920548)

golang-1.12 (1.12~beta2-1) unstable; urgency=medium

  * New upstream version 1.12~beta2
    - Remove two patches, applied upstream. Refresh remaining patch.

golang-1.12 (1.12~beta1-4) unstable; urgency=medium

  * Switch watch file to version 4
  * Update d/copyright

golang-1.12 (1.12~beta1-3) unstable; urgency=medium

  [ Anthony Fok ]
  * Add patch "unix: fix Fstatat by using fillStat_t on linux/mips64x"
    This fixes the "Fstatat: returned stat does not match Stat/Lstat"
    errors detected by TestFstatat.
    See https://go-review.googlesource.com/c/sys/+/155747

  [ Dr. Tobias Quathamer ]
  * Add another lintian override

golang-1.12 (1.12~beta1-2) unstable; urgency=medium

  [ Anthony Fok ]
  * Add patch "cmd/compile: fix MIPS SGTconst-with-shift rules"
    by Cherry Zhang.  This fixes the root problem behind the
    "slice bounds out of range" build error seen in 1.11.4
    on mips and mipsel architectures.
    See https://go-review.googlesource.com/c/go/+/155798
  * Bump Standards-Version to 4.3.0 (no change)

  [ Dr. Tobias Quathamer ]
  * Do not compress favicon.ico.
    Thanks to Dato Simó <dato@debian.org> (Closes: #917132)

golang-1.12 (1.12~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Refresh patches
    - Add new patch to disable test for UserHomeDir
  * Switch team address to tracker.d.o
  * Add another lintian override for a false positive

golang-1.11 (1.11.4-1) unstable; urgency=medium

  * New upstream version 1.11.4
  * Make lintian override agnostic of golang version

golang-1.11 (1.11.3-1) unstable; urgency=medium

  * New upstream version 1.11.3
    - Refresh patches
  * Update gbp.conf to new style syntax
  * Suggest brz as alternative to bzr; it provides the same command-line API.
  * Add myself to Uploaders

golang-1.11 (1.11.2-2) unstable; urgency=medium

  * d/patches/arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch:
    backport workaround for objdump's support of newer mnemonics on arm64.

golang-1.11 (1.11.2-1) unstable; urgency=medium

  * Team upload.

  [ Michael Hudson-Doyle ]
  * New upstream major version.
  * Update debhelper compat level to 11.
  * Remove GOCACHE files after running tests.
  * Stop dh_strip_nondeterminism from looking at testdata directories.

  [ Dr. Tobias Quathamer ]
  * Build-Depend on debhelper v11
  * Override two false positive Lintian errors (missing depends
    on sensible-utils)
  * Add Lintian overrides for testdata
  * Include /usr/share/dpkg/architecture.mk for DEB_HOST_ARCH
  * Refresh patch for new upstream version
  * Fix Lintian warnings about wrong interpreter path
  * Make two scripts executable which have been missed by upstream
  * Remove three unneeded lintian overrides
  * Use HTTPS URL for d/watch
  * Update to Standards-Version 4.2.1
    - Use HTTPS for d/copyright
  * Update d/copyright

golang-1.10 (1.10.3-1) unstable; urgency=medium

  * New upstream version 1.10.3
  * Restore changelog entry for 1.10.1-3, and fix that for 1.10.2-1, oops.

golang-1.10 (1.10.2-1) unstable; urgency=medium

  * New upstream version 1.10.2.
    - d/patches/0003-Backport_nopie_fix.patch: removed, now included upstream.
    - d/patches/0004-Backport_mips_octeon3_fp_fix.patch: removed, also included
      upstream.

golang-1.10 (1.10.1-3) unstable; urgency=high

  * Team upload.

  [ Michael Hudson-Doyle ]
  * Install the 'misc' and 'api' directories as part of the golang-1.10-src
    package as some tools (vgo, go tool trace) expect them to be there.
    (Closes: 894992¸ LP: #1743598)

  [ Martín Ferrari ]
  * Backport fix for FP bug in mips/Octeon III. Closes: #892088. Raising
    severity.

golang-1.10 (1.10.1-2) unstable; urgency=medium

  * Team upload.
  * Backport patch that fixes FTBFS in arm64.
  * debian/copyright: Update attribution.
  * debian/source: Update lintian-overrides.

golang-1.10 (1.10.1-1) unstable; urgency=medium

  * New upstream version 1.10.1.
  * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: update patch tags
    to reference upstream discussion of this topic.
  * d/control, d/control.in: Update Vcs-* to point to salsa.

golang-1.10 (1.10-1) unstable; urgency=medium

  * New upstream version 1.10

golang-1.10 (1.10~rc2-1) unstable; urgency=medium

  * New upstream version, fixing CVE-2018-6574.
  * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch,
    d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch,
    d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
    removed, now included upstream.

golang-1.10 (1.10~rc1-2) unstable; urgency=medium

  * d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
    Backport from upstream to fix build issues on armhf (causes ftbfs on
    Ubuntu but not Debian for some reason, but could produce broken binaries
    on Debian too).

golang-1.10 (1.10~rc1-1) unstable; urgency=medium

  * New upstream version 1.10~rc1.
  * d/patches/0004-cmd-dist-use-buildmode-pie-for-pie-testing.patch,
    d/patches/0006-misc-cgo-testcarchive-use-no-pie-where-needed.patch,
    d/patches/0003-Do-not-use-SP-as-index-reg.patch: removed, included upstream.
  * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: refreshed.
  * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch:
    Add to fix test failure in chroot.
  * d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch:
    Add to fix test failure when $HOME is not writable.
  * d/rules: Set GOCACHE to "off" during build to avoid shipping cache files.

golang-1.9 (1.9.2-4) unstable; urgency=medium

  * Enable building on mips, mipsel and mips64. (Closes: 879764)

golang-1.9 (1.9.2-3) unstable; urgency=medium

  * Remove workaround for now fixed debhelper bug #879762
  * Backport three patches from upstream to fix ftbfs on ppc64el with new kernel.

golang-1.9 (1.9.2-2) unstable; urgency=medium

  [ Martín Ferrari ]
  * Add debian/patches/0003-Do-not-use-SP-as-index-reg.patch (Closes: #877541)

golang-1.9 (1.9.2-1) unstable; urgency=medium

  * New upstream version 1.9.2
  * Work around debhelper bug #879762

golang-1.9 (1.9.1-2) unstable; urgency=medium

  * Update debian/copyright (Closes: #873740)

golang-1.9 (1.9.1-1) unstable; urgency=medium

  * New upstream release.
  * Use my @debian.org address in Uploaders.

golang-1.9 (1.9-1) unstable; urgency=medium

  [ Michael Hudson-Doyle ]
  * New upstream release.
  * Suppress some new lintian errors in golang-1.9-src.

  [ Michael Stapelberg ]
  * Add debian/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch

golang-1.8 (1.8.3-1) unstable; urgency=medium

  * New upstream release. (Closes: 863292, 863307)

golang-1.8 (1.8.1-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~rc3-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~rc2-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~rc1-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~beta2-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~beta1-1) unstable; urgency=medium

  * New upstream release.
  * Remove d/patches/cl-29995--tzdata-2016g.patch, included upstream.

golang-1.7 (1.7.4-1) unstable; urgency=medium

  * Update to 1.7.4 upstream release (Closes: #846545)
    - https://groups.google.com/d/topic/golang-announce/2lP5z9i9ySY/discussion
    - https://golang.org/issue/17965 (potential DoS vector in net/http)
    - golang/go@go1.7.3...go1.7.4

golang-1.7 (1.7.3-1) unstable; urgency=medium

  * New upstream release.
  * Delete d/patches/cl-28850.patch, applied upstream.

golang-1.7 (1.7.1-3) unstable; urgency=medium

  * Backport CL 29995 for tzdata 2016g changes (Closes: #839317)

golang-1.7 (1.7.1-2) unstable; urgency=medium

  * Add upstream patch for s390x FTBFS

golang-1.7 (1.7.1-1) unstable; urgency=medium

  * New upstream release.
  * Re-enable tests on s390x now that gcc-6 has been fixed in unstable.

golang-1.7 (1.7-3) unstable; urgency=medium

  * Add "s390x" to Architectures

golang-1.7 (1.7-2) unstable; urgency=medium

  * Disable tests on armel.

golang-1.7 (1.7-1) unstable; urgency=medium

  * New upstream release.

golang-1.7 (1.7~rc4-1) unstable; urgency=medium

  * New upstream release.

golang-1.7 (1.7~rc3-1) unstable; urgency=medium

  [ Tianon Gravi ]
  * Remove outdated README files (README.source and README.Debian)

  [ Michael Hudson-Doyle ]
  * New upstream release.
  * Suppress inaccurate source-is-missing lintian warnings.
  * Update Standards-Version to 3.9.8 (no changes required).

golang-1.7 (1.7~rc2-1) unstable; urgency=medium

  * Update to 1.7rc2 upstream release.

golang-1.7 (1.7~rc1-1) unstable; urgency=medium

  [ Paul Tagliamonte ]
  * Use a secure transport for the Vcs-Git and Vcs-Browser URL

  [ Tianon Gravi ]
  * Update to 1.7rc1 upstream release (new packages, not used by default; see
    also src:golang-defaults)
  * Update Vcs-Git to reference a particular branch

golang-1.6 (1.6.2-2) unstable; urgency=medium

  * Update "golang-any" in "Build-Depends" to fallback to "golang-go | gccgo"
    (will help with backporting)

golang-1.6 (1.6.2-1) unstable; urgency=medium

  * Update to 1.6.2 upstream release (Closes: #825696)
  * Build-Depend on golang-any instead of golang-go (Closes: #824421)

golang-1.6 (1.6.1-1) unstable; urgency=medium

  * Build golang version-specific packages (Closes: #818415)
  * Things that (conceptually at least) move to new golang version independent
    golang-defaults source package:
    - Man pages.
    - Suggesting golang-golang-x-tools.
    - Breaks/Replace-ing of old golang-go-$GOOS-$GOARCH packages.
  * Stop using alternatives to manage /usr/bin/go.
  * sed trickery in debian/rules to support easy changes to new golang versions.

golang (2:1.6.1-2) unstable; urgency=medium

  * Don't strip testdata files, causes build failures on some platforms.

golang (2:1.6.1-1) unstable; urgency=medium

  [ Michael Hudson-Doyle ]
  * Breaks/Replaces: older golang-golang-x-tools, not Conflicts, to ensure
    smooth upgrades.
  * Strip the binaries as it has worked for the last five years or so and
    upstream sees no reason to disable it.

  [ Tianon Gravi ]
  * Update to 1.6.1 upstream release (Closes: #820369)
    - Fix CVE-2016-3959: infinite loop in several big integer routines

golang (2:1.6-1) unstable; urgency=medium

  * Update to 1.6 upstream release (thanks Hilko!)
    - change "ar" arguments to quiet spurious warnings while using gccgo
      (Closes: #807138)
    - skip multicast listen test (Closes: #814849)
    - skip userns tests when chrooted (Closes: #807303)
    - use correct ELF header for armhf binaries (Closes: #734357)
    - Update debian/rules clean for new location of generated file.

  [ Michael Hudson-Doyle ]
  * Respect "nocheck" in DEB_BUILD_OPTIONS while building to skip tests
    (Closes: #807290)
  * Trim Build-Depends (Closes: #807299)
  * Fix several minor debian/copyright issues (Closes: #807304)
  * Remove inconsistently included race-built packages (Closes: #807294)

  [ Tianon Gravi ]
  * Add "-k" to "run.bash" invocation so that we do a full test run every time

golang (2:1.5.3-1) unstable; urgency=high

  * Update to 1.5.3 upstream release
    - Fix CVE-2015-8618: Carry propagation in Int.Exp Montgomery code in
      math/big library (Closes: #809168)
  * Add "Breaks" to properly complement our "Replaces" (Closes: #810595)

golang (2:1.5.2-1) unstable; urgency=medium

  * Update to 1.5.2 upstream release (Closes: #807136)

golang (2:1.5.1-4) unstable; urgency=medium

  * Add Conflicts to force newer golang-go.tools too (Closes: #803559)

golang (2:1.5.1-3) unstable; urgency=medium

  * Remove architecture qualification on golang-go Build-Depend now that
    golang-go is available for more architectures.

golang (2:1.5.1-2) unstable; urgency=medium

  * Add Conflicts to force newer golang-golang-x-tools (Closes: #802945).

golang (2:1.5.1-1) unstable; urgency=medium

  * Upload to unstable.
  * Update to 1.5.1 upstream release (see notes from experimental uploads for
    what's changed).
  * Skip tests on architectures where the tests fail.

golang (2:1.4.3-3) unstable; urgency=medium

  * Fix FTBFS for non-amd64 architectures due to handling of "-race".

golang (2:1.5.1-1~exp2) experimental; urgency=medium

  * Upload to experimental.
  * Add arch-qualifiers to "golang-go" build-depends to unblock the buildds
    (Closes: #800479); thanks Tim!

golang (2:1.4.3-2) unstable; urgency=medium

  * Update Recommends/Suggests, especially to add gcc, etc.
  * Refactor "debian/rules" to utilize debhelper more effectively, especially
    for arch vs indep building (mostly backported from the 1.5+ changes), which
    fixes the "arch:all" FTBFS.

golang (2:1.5.1-1~exp1) experimental; urgency=low

  * Upload to experimental.
  * Update to 1.5.1 upstream release (Closes: #796150).
    - Compiler and runtime written entirely in Go.
    - Concurrent garbage collector.
    - GOMAXPROCS=runtime.NumCPU() by default.
    - "internal" packages for all, not just core.
    - Experimental "vendoring" support.
    - Cross-compilation no longer requires a complete rebuild of the stdlib in
      GOROOT, and thus the golang-go-GOHOST-GOARCH packages are removed.
  * Sync debian/copyright with the Ubuntu delta. (thanks doko!)
  * Remove patches that no longer apply.
  * Add more supported arches to "debian/rules" code for detecting
    appropriate GOARCH/GOHOSTARCH values; thanks mwhudson and tpot!
    (Closes: #799907)
  * Refactor "debian/rules" to utilize debhelper more effectively, especially
    for arch vs indep building.
  * Move "dpkg-architecture" to "GOOS"/"GOARCH" code into a simple shell script
    for easier maintenance.

golang (2:1.4.3-1) unstable; urgency=medium

  * New upstream version (https://golang.org/doc/devel/release.html#go1.4.minor)
    - includes previous CVE and non-CVE security fixes, especially
      TEMP-0000000-1C4729

golang (2:1.4.2-4) unstable; urgency=high

  * Apply backported CVE fixes (Closes: #795106).
    - CVE-2015-5739: Invalid headers are parsed as valid headers
    - CVE-2015-5740: RFC 7230 3.3.3 4 violation
    - CVE-2015-5741: other discoveries of security-relevant RFC 7230 violations

golang (2:1.4.2-3) unstable; urgency=medium

  * Add missing "prerm" for our new alternatives (thanks piuparts).

golang (2:1.4.2-2) unstable; urgency=medium

  * Move "go" and "gofmt" into "/usr/lib/go" and use alternatives to provide
    appropriate symlinks (Closes: #779503, #782301).
  * Relax "golang-go.tools" relationship to Suggests (from Recommends).
  * Add "go get" VCS options to Suggests for golang-go (bzr, git, mercurial,
    subversion).

golang (2:1.4.2-1) unstable; urgency=medium

  * New upstream version
    (https://golang.org/doc/devel/release.html#go1.4.minor)

golang (2:1.4.1-1~exp1) experimental; urgency=low

  * New upstream version (https://golang.org/doc/go1.4)
    - all editor support files have been removed from misc/ upstream upstream,
      so golang-mode, kate-syntax-go, and vim-syntax-go can no longer be
      provided; see https://github.com/golang/go/wiki/IDEsAndTextEditorPlugins
      for an upstream-maintained list of potential replacements

golang (2:1.3.3-1) unstable; urgency=medium

  * New upstream version (https://code.google.com/p/go/source/list?name=go1.3.3)
    - time: removed from tests now obsolete assumption about Australian tz
      abbreviations
    - net: temporarily skip TestAcceptIgnoreSomeErrors
    - runtime: hide cgocallback_gofunc calling cgocallbackg from linker
    - runtime: fix GOTRACEBACK reading on Windows, Plan 9
    - nacltest.bash: unset GOROOT
    - cmd/5l, cmd/6l, cmd/8l: fix nacl binary corruption bug
  * Add Paul and myself as uploaders. Many, many thanks to Michael for his work
    so far on this package (and hopefully more to come).

golang (2:1.3.2-1) unstable; urgency=medium

  * New upstream version

golang (2:1.3.1-1) unstable; urgency=medium

  * New upstream version

golang (2:1.3-4) unstable; urgency=medium

  [ Tianon Gravi ]
  * update debian/watch for upstream's latest move (Closes: #756415)
  * backport archive/tar patch to fix PAX headers (Closes: #756416)

golang (2:1.3-3) unstable; urgency=medium

  * don’t depend on emacs23, depend on emacs instead (Closes: #754013)
  * install include/ in golang-src, VERSION in golang-go (Closes: #693186)

golang (2:1.3-2) unstable; urgency=medium

  * Add /usr/lib/go/test symlink
  * Build with GO386=387 to favor the 387 floating point unit over sse2
    instructions (Closes: #753160)
  * Add debian/patches/0001-backport-delete-whole-line.patch to fix a
    deprecation warning about flet in the emacs part of golang-mode
    (Closes: #753607)
  * Migrate to emacsen >2 (Closes: #753607)
  * Backport two patches to improve archive/tar performance (for docker):
    debian/patches/0002-archive-tar-reuse-temporary-buffer-in-writeHeader.patch
    debian/patches/0003-archive-tar-reuse-temporary-buffer-in-readHeader.patch

golang (2:1.3-1) unstable; urgency=medium

  * New upstream version.
  * Drop patches merged upstream:
    - debian/patches/add-tar-xattr-support.patch
    - debian/patches/add-tar-xattr-support.patch
  * Fix debian/watch (Thanks Tianon) (Closes: #748290)
  * Remove dangling symlink /usr/lib/go/lib/godoc (Closes: #747968)

golang (2:1.2.1-2) unstable; urgency=low

  * Re-apply debian/patches/add-tar-xattr-support.patch which got lost when
    uploading 1.2.1-1; sorry about that.

golang (2:1.2.1-1) unstable; urgency=low

  * New upstream release.

golang (2:1.2-3) unstable; urgency=low

  * add debian/patches/add-tar-xattr-support.patch to have xattr support in
    tar (cherry-picked from upstream) (Thanks proppy) (Closes: #739586)

golang (2:1.2-2) unstable; urgency=low

  * add patches/add-src-pkg-debug-elf-testdata-hello.patch to provide source
    for the testdata/ ELF binaries (Closes: #716853)

golang (2:1.2-1) unstable; urgency=low

  * New upstream release.
  * drop patches/archive-tar-fix-links-and-pax.patch, it is merged upstream
  * godoc(1) is now in the Debian package golang-go.tools, it was moved into a
    separate repository by upstream.
  * move patches/godoc-symlinks.diff to golang-go.tools

golang (2:1.1.2-3) unstable; urgency=low

  * cherry-pick upstream commit: archive-tar-fix-links-and-pax.patch
    (Closes: #730566)

golang (2:1.1.2-2) unstable; urgency=low

  * Build golang-go-linux-* for each architecture (Thanks James Page)
    (Closes: #719611)
  * Update lintian-overrides to override statically-linked-binary and
    unstripped-binary-or-object for all of golang-go

golang (2:1.1.2-1) unstable; urgency=low

  * New upstream release.
  * Relicense debian/ under the Go license to match upstream. All copyright
    holders agreed to this. (Closes: #716907)
  * golang-mode: don’t install for a number of emacs versions which are not
    supported upstream (Thanks Kevin Ryde) (Closes: #702511, #717521)

golang (2:1.1.1-4) unstable; urgency=low

  * Disable stripping, it breaks go binaries on some architectures. This drops
    the golang-dbg package which would be empty now. (Thanks Robie Basak)
    (Closes: #717172)

golang (2:1.1.1-3) unstable; urgency=low

  * Ship */runtime/cgo.a in golang-go to ensure it is present. It can only be
    used on the native architecture anyway (cannot be used when
    cross-compiling), so having it in golang-go-$GOOS-$GOARCH is not
    necessary. Even worse, since these packages are arch: all, they will be
    built precisely once, and only the runtime/cgo.a for the buildd’s native
    arch will be present. (Closes: #715025)

golang (2:1.1.1-2) unstable; urgency=low

  [ James Page ]
  * Ensure smooth upgrade path from << 2:1.1-2 (Closes: #714838)

golang (2:1.1.1-1) unstable; urgency=low

  * Imported Upstream version 1.1.1

golang (2:1.1-2) unstable; urgency=low

  [ Ondřej Surý ]
  * Promote Michael to Maintainer

  [ Michael Stapelberg ]
  * Build golang-go-$GOOS-$GOARCH packages for cross-compiling (Closes: #710090)
  * Build race detector on linux/amd64 (only supported arch) (Closes: #710691)
  * Switch compression to xz (50% smaller binaries)

golang (2:1.1-1) unstable; urgency=low

  * New upstream release: Go 1.1!
  * Remove the long obsolete goinstall debconf question and config file.
    goinstall does not exist anymore since a long time.
    This also obsoletes the need for any translations
    (Closes: #685923, #692478)
  * Emacs go-mode auto-mode-alist entry was fixed upstream (Closes: #670371)

golang (2:1.1~hg20130405-1) experimental; urgency=low

  * Provide a new hg tip snapshot. This includes what was recently released as
    Go 1.1 beta.

golang (2:1.1~hg20130323-1) experimental; urgency=low

  * Provide a new hg tip snapshot.
  * Add debian/watch (Closes: #699698)

golang (2:1.1~hg20130304-2) experimental; urgency=low

  * Fix FTBFS of binary-arch only builds (as performed by buildds)
    caused by 'rm' not finding jquery.js in golang-doc
    (Thanks Peter Green)

golang (2:1.1~hg20130304-1) experimental; urgency=low

  * Provide a hg tip snapshot (2013-03-04) in Debian experimental.
    Current hg tip is a good approximation to Go 1.1 and should get
    some testing within Debian in order to package Go 1.1 well when
    it is released. Thanks to Andrew Gerrand.

golang (2:1.0.2-2) unstable; urgency=low

  * Add myself to uploaders, as discussed in #683421.
  * cherry-pick r820ffde8c396 (net/http: non-keepalive connections close
    successfully) (Closes: #683421)

golang (2:1.0.2-1.1) unstable; urgency=low

  * Non-maintainer upload. (as discussed with Ondřej in #679692)
  * Fix godoc-symlinks.diff (godoc didn’t find docs) (Closes: #679692)

golang (2:1.0.2-1) unstable; urgency=low

  [ Ondřej Surý ]
  * Imported Upstream version 1.0.2
  * Update Vcs fields to reflect new git repository location
  * Kill get-orig-source, since 1.0.0, the tarballs can be downloaded from
    webpage

  [ Michael Stapelberg ]
  * golang-mode: use debian-pkg-add-load-path-item (Closes: #664802)
  * add manpages (Closes: #632964)
  * Use updated pt.po from Pedro Ribeiro (Closes: #674958)

golang (2:1.0.1-1) unstable; urgency=low

  * Imported Upstream version 1.0.1
  * Apply godoc patch to display package list correctly (Closes: #669354)

golang (2:1-6) unstable; urgency=low

  * Merge upstream patch to fix homedir issue
    (http://code.google.com/p/go/source/detail?r=709120aecee0)
  * Disable GNU/KFreeBSD build (Closes: #668794)

golang (2:1-5) unstable; urgency=low

  * Rewrite test conditions to make them more readable
    (and fix the debian/rules to really not check on armel+kfreebsd)
  * Patch upstream test to not fail on missing home directory

golang (2:1-4) unstable; urgency=low

  * Disable tests on Debian GNU/KFreeBSD, they just hang now (Closes: #668794)
  * Disable tests on armel, but the invalid instruction needs fixing in
    upstream
  * Create fake home directory to pass the os/user test

golang (2:1-3) unstable; urgency=high

  * Use VERSION provided by upstream for packaging purposes
  * Run tests as a part of a build process
  * Install full src tree (except pkg/debug) because go command depend
    on sources available
  * Install sources without testdata and *_test.go
  * Remove circular dependency golang-go->golang-doc->golang-go
  * Make sure that timestamp on installed binaries and libraries is same
    because go build/install recompiles everything if the go binary has
    more recent timestamp than libraries (Closes: #668235)
    + Need to update timestamps at postinst time because already created
      directories can have time in the past
  * Fix couple of lintian errors and warnings

golang (2:1-2) unstable; urgency=low

  * Remove preserving of old -tools settings, there are too many options
    now anyway (Closes: #666007)

golang (2:1-1) unstable; urgency=low

  * New major upstream release Go 1 (Closes: #666942)
  * Bumb epoch to 2, since 1 < 60 < 2011 (I wonder if next version will be 0 :)
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. (Closes: #663181)
  * [Debconf translation updates]
    + Pick existing translations from golang-weekly and do appropriate
      sed magic to fit golang templates. (Closes: #666884, #666880, #666881)
    + Dutch; (Jeroen Schot).  (Closes: #664598)
    + Czech (Michal Simunek).  (Closes: #665385)
    + Spanish; (Camaleón).  (Closes: #666177)
    + Danish (Joe Hansen).  (Closes: #666526)

golang (1:60.3-2) unstable; urgency=low

  * debconf-gettextize package templates

golang (1:60.3-1) unstable; urgency=low

  * Imported Upstream version 60.3

golang (1:60.2-1) unstable; urgency=low

  * Imported Upstream version 60.2

golang (1:60.1-1) unstable; urgency=low

  * Imported Upstream version 60.1

golang (1:60-1) unstable; urgency=low

  * Imported Upstream version 60
  * Save upstream VERSION to the archive
  * Use GOVERSION as generated by src/version.bash on hg archive time
  * Add support for goinstall dashboard debconf question in the Debian
    packaging
  * Read goinstall dashboard option from debian configuration file
  * Remove 005-goinstall_dont_call_home_by_default.patch; replaced by
    configuration option
  * Fix directory name for upstream archive checkout

golang (1:59-1) unstable; urgency=low

  * Imported Upstream version 59
  * Refresh patches to a new release
  * Fix FTBFS on ARM (Closes: #634270)
  * Update version.bash to work with Debian packaging and not hg
    repository

golang (1:58.1-2) unstable; urgency=low

  * Install golang-doc package by default (Recommends from golang-tools,
    Depends from golang)

golang (1:58.1-1) unstable; urgency=low

  * Imported Upstream version 58.1

golang (1:58-1) unstable; urgency=low

  * Imported Upstream version 58
    + Add NEWS file with upstream API changes
  * Remove patch to not update standard package, fixed in upstream

golang (1:57.2-1) unstable; urgency=low

  * Imported Upstream version 57.2
  * More spelling fixes (Closes: #630660)

golang (1:57.1-4) unstable; urgency=low

  * Description update to have proper articles and capitalization
    (Closes: #630189)
  * Add extended description about Go being experimental and that the
    languager can change between releases

golang (1:57.1-3) unstable; urgency=low

  * Fix "the Google's Go implementation" in extended description
    (Closes: #627814)
  * Update Vcs-* links
  * Install vim ftplugin files into correct directory (Closes: #629844)

golang (1:57.1-2) unstable; urgency=low

  * Bump standards version to 3.9.2
  * Capitalize Kate (Closes: #627036)
  * Import slightly modified patch to be more clear about $GOPATH
    installs for non-root users
  * Remove don't install deps patch from goinstall; deprecated by
    $GOPATH installs

golang (1:57.1-1) unstable; urgency=low

  * Add support for dot-minor releases
  * Imported Upstream version 57.1

golang (1:57-3) unstable; urgency=low

  [ Florian Weimer ]
  * golang-tools: install gofix binary

  [ Ondřej Surý ]
  * Add lintian-overrides for gofix binary

golang (1:57-2) unstable; urgency=low

  * Remove weekly code from debian/rules
  * Add golang meta-package
  * Don't create tool chain symlinks twice
  * Make debian/rules more generic for simpler sync between weekly
    and release branches

golang (1:57-1) unstable; urgency=low

  * Imported Upstream version r57
  * Bumped epoch version to 1, to convert from date based versions
    to release number based version
  * Allow release to migrate to testing (Closes: #624408)
  * Add kate and vim syntax highlighting (Closes: #624544)
  * Add -dbg package with debugging symbols

golang (2011.04.27-2) unstable; urgency=low

  * Fix yet another build failure on kfreebsd (use linux userspace)

golang (2011.04.27-1) unstable; urgency=low

  * Imported Upstream version 2011.04.27
  * Update debian/rules to allow pulling weekly upstream releases
  * Don't remove RUNPATH from binaries; fixed upstream (golang#1527)
  * Set GOHOSTOS and GOHOSTARCH to match dpkg-architecture variables
  * Add support for kfreebsd-i386, kfreebsd-amd64, armel and armhf
    architectures
    + 006-fix_kfreebsd_build.patch:
      - Add GNU/KFreeBSD support by replacing all uname calls by $(GOOS)
    + 007-use_native_dynamic_linker_on_kfreebsd.patch:
      - Use native kfreebsd dynamic linker (/lib/ld-*.so.1)
  * Add information about available architectures (Closes: #623877)
  * Don't strip gotest
  * Add Depends: golang-go to golang-tools
  * Add better support for armhf

golang (2011.04.13-1) unstable; urgency=low

  [ Florian Weimer ]
  * Delete bin directory in clean target
  * Enable parallel build
  * golang-src: install source files directly
  * Use proper symlink targets for architecture-independent toolchain
    names
  * Emacs mode: indent keys in struct literals properly

  [ Ondřej Surý ]
  * Imported Upstream weekly version 2011.04.13
  * Update patches to new weekly release
  * Add lintian-override for gotest binary

golang (2011.03.07.1-1) unstable; urgency=low

  * Imported Upstream version 2011.03.07.1
  * Install to /usr/lib/go
  * Remove xkcd strip to get rid of CC-NC-BY
  * Update golang-src.install to new upstream
  * Remove 002-use_GOROOT_FINAL_in_generated_binaries.patch; merged
    upstream
  * Make all .go files no-executable
  * Update lintian-overrides to include both types of syntax

golang (2011.02.15-2) unstable; urgency=low

  [ Ondřej Surý ]
  * Add ${misc:Depends} to golang-mode to shutup lintian
  * Rehaul build system and add golang-src package with .go source files
  * goinstall: do not automatically install prerequisities
  * goinstall: don't report to dashboard by default
  * Add a README.Debian about local modifications to goinstall
  * Add warning about local modifications also directly to goinstall command

  [ Florian Weimer ]
  * Fix syntax error in 004-
    dont_reinstall_dependencies_in_goinstall.patch

golang (2011.02.15-1) unstable; urgency=low

  [ Obey Arthur Liu ]
  * Added pkg-google git repo to control file

  [ Florian Weimer ]
  * Build golang-mode package

  [ Ondřej Surý ]
  * Imported Upstream version 2011.02.15
  * Don't compress godoc documentation
  * Correctly use $GOROOT_FINAL in the build chain
  * Remove RPATH/RUNPATH from go binaries

golang (2011.02.01.1-1) unstable; urgency=low

  [ Ivan Wong ]
  * Initial release (Closes: #574371)

  [ Jonathan Nieder ]
  * Fill out copyright file
  * Rewrite debian/rules using dh driver
  * debian: fix get-orig-source rule
  * debian: do not install extra files on repeated build
  * debian: fix reversed ‘if’
  * debian: do not leave around stale debian/env.sh+ file
  * debian: Build-Depends on awk instead of gawk
  * debian: add run-time dependency on perl
  * debian: add build-time dependency on perl
  * debian: fix setting of GOARM on arm
  * debian: do not compress files in web page
  * debian: install favicon

  [ Ondřej Surý ]
  * Make myself a maintainer
  * Add patch to allow IPv4 on IPv6 sockets (Courtesy of Florian Weimer)
  * Use GOROOT_FINAL and change GOBIN to /usr/bin
  * Get rid of env.sh and wrappers
  * Add support for building in i386 pbuilder on amd64 architecture
  * Rename source package to golang to match upstream repository name
  * Add golang-doc package
  * Split package into compiler, docs and tools
  * Don't install quietgcc and hgpatch
  * Don't generate fake gomake
  * Update golang-doc package
  * Export GOHOSTARCH and GOHOSTOS
  * Disable build time checks
  * Fail on missed installed files
  * Revert s{tmp{golang-go{ change in DESTDIR
  * Relicence debian/ files from versionless GPL to GPL-3
  * Move golang-doc to doc section
  * Add more lintian overrides for Go binaries
  * Install all 6,8,5 variants of commands
  * Install golang-* symlinks for 6,8,5* commands
  * Don't strip govet as well
  * Remove ${shlibs:Depends} where it doesn't belong
  * Move more html files to golang-doc package
  * Remove codereview directory - some python code to deal with mercurial
kph pushed a commit to platinasystems/golang-1.15 that referenced this issue Sep 30, 2020
golang-1.15 (1.15~beta1-2) unstable; urgency=medium

  * Source-only upload.

golang-1.15 (1.15~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Drop patch to fix FTBFS on $HOME managed with git, has been
      applied upstream.
    - Refresh remaining patches

golang-1.14 (1.14.4-1) unstable; urgency=medium

  * New upstream version 1.14.4
    - Refresh patches

golang-1.14 (1.14.3-2) unstable; urgency=medium

  * Increase the test timeout that made some builds succeed
    there on slow hardware (such as emulated riscv64).
    Thanks to Gianfranco Costamagna (Closes: #960759)

golang-1.14 (1.14.3-1) unstable; urgency=medium

  * New upstream version 1.14.3
  * Use debhelper v13

golang-1.14 (1.14.2-1) unstable; urgency=medium

  * New upstream version 1.14.2

golang-1.14 (1.14.1-1) unstable; urgency=medium

  * New upstream version 1.14.1
    - Add new patch to fix FTBFS on $HOME managed with git.
      Thanks to Guillem Jover <gjover@sipwise.com> (Closes: #953276)

golang-1.14 (1.14-2) unstable; urgency=medium

  * Fix FTBFS if built twice in a row.
    Some paths of autogenerated files have been changed upstream,
    so that the removal of those files after the build did no
    longer succeed.
    Thanks to Guillem Jover (Closes: #953277)
  * Update Standards-Version to 4.5.0, no changes needed

golang-1.14 (1.14-1) unstable; urgency=medium

  * New upstream version 1.14

golang-1.14 (1.14~rc1-1) unstable; urgency=medium

  * New upstream version 1.14~rc1
    - Fixes CVE-2020-7919
  * Add Breaks: dh-golang (<< 1.43~) to golang-go.
    Thanks to Pirate Praveen <praveen@onenetbeyond.org>
  * Update upstream's signing key
  * Add support for riscv64.
    Thanks to Aurelien Jarno <aurel32@debian.org> (Closes: #950517)

golang-1.14 (1.14~beta1-2) unstable; urgency=medium

  * Source-only upload.
  * Add two more lintian overrides for testdata

golang-1.14 (1.14~beta1-1) unstable; urgency=medium

  * New upstream major version.

golang-1.13 (1.13.5-1) unstable; urgency=medium

  * New upstream version 1.13.5

golang-1.13 (1.13.4-1) unstable; urgency=medium

  * New upstream version 1.13.4
    - Refresh patches

golang-1.13 (1.13.3-1) unstable; urgency=medium

  * New upstream version 1.13.3
    - Refresh patch
    - crypto/dsa: invalid public key causes panic in dsa.Verify.
      Fixes CVE-2019-17596. Closes: #942628
  * Update Standards-Version to 4.4.1, no changes needed

golang-1.13 (1.13.1-1) unstable; urgency=medium

  * New upstream version 1.13.1
    - net/textproto: don't normalize headers with spaces before the colon.
      Fixes CVE-2019-16276. See golang/go#34541
      and Debian bug #941173

golang-1.13 (1.13-1) unstable; urgency=medium

  * New upstream version 1.13
    - Refresh patch
  * Set pristine-tar for gbp to False

golang-1.13 (1.13~rc2-1) unstable; urgency=medium

  * New upstream version 1.13~rc2
    - Remove patch for CVE-2019-9512 and CVE-2019-9514,
      has been applied upstream

golang-1.13 (1.13~rc1-2) unstable; urgency=medium

  * Exclude testdata from dh_makeshlibs.
    Otherwise, the build fails at least on armel and armhf.
  * Apply changes from cme fix dpkg
  * Set Rules-Requires-Root: no

golang-1.13 (1.13~rc1-1) unstable; urgency=medium

  * New upstream version 1.13~rc1
    - Remove patch for CVE-2019-14809, has been applied upstream
  * Use dh_missing instead of deprecated dh_install --fail-missing
  * Do not run dh_dwz, there is no debugging information
  * Use debhelper-compat (= 12)

golang-1.13 (1.13~beta1-3) unstable; urgency=high

  * Fix Denial of Service vulnerabilities in the HTTP/2 implementation.
    golang/go#33631
    CVE-2019-9512, CVE-2019-9514. Closes: #934955
  * Fix multiple Parsing Issues in URL.Parse
    golang/go#29098
    CVE-2019-14809. Closes: #934954

golang-1.13 (1.13~beta1-2) unstable; urgency=medium

  * Set GOCACHE to fix a FTBFS. (See bug #933958)

golang-1.13 (1.13~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Remove Reproducible-BUILD_PATH_PREFIX_MAP.patch.
      This patch is finally no longer needed with Go 1.13.
      Upstream has implemented a new flag "-trimpath" for the
      command "go build" which either strips the path or
      replaces it in the resulting binaries.
      References:
      golang/go#16860
      https://go-review.googlesource.com/c/go/+/173345/
      https://go-review.googlesource.com/c/go/+/173344/
    - Remove arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch.
      This patch has been cherry-picked from upstream and is now included.
    - Refresh remaining patches
    - Fix lintian warning: make scripts executable
  * Switch to debhelper-compat, but stay at v11 for now

golang-1.12 (1.12.7-1) unstable; urgency=medium

  * New upstream version 1.12.7
    - Refresh patches
  * Update Standards-Version to 4.4.0, no changes needed

golang-1.12 (1.12.5-1) unstable; urgency=medium

  * New upstream version 1.12.5

golang-1.12 (1.12.4-1) unstable; urgency=medium

  [ Anthony Fok ]
  * Add /usr/lib/go-X.Y/{api,misc} symlinks.
    For example, programs such as https://github.com/vugu/vugu and
    documentation such as https://github.com/golang/go/wiki/WebAssembly
    expect to find wasm_exec.js at "$(go env GOROOT)/misc/wasm/wasm_exec.js".

  [ Dr. Tobias Quathamer ]
  * New upstream version 1.12.4
  * Add five lintian overrides for false positives

golang-1.12 (1.12.1-1) unstable; urgency=medium

  * New upstream version 1.12.1
  * Use upstream signing key for tarball verification

golang-1.12 (1.12-1) unstable; urgency=medium

  * New upstream version 1.12
    - Remove patch 0005-Fix-CVE-2019-6486, applied upstream

golang-1.12 (1.12~beta2-2) unstable; urgency=medium

  * Refresh patch Reproducible BUILD_PATH_PREFIX_MAP.
    Thanks to Michael Stapelberg!
  * Add patch to fix CVE-2019-6486. (Closes: #920548)

golang-1.12 (1.12~beta2-1) unstable; urgency=medium

  * New upstream version 1.12~beta2
    - Remove two patches, applied upstream. Refresh remaining patch.

golang-1.12 (1.12~beta1-4) unstable; urgency=medium

  * Switch watch file to version 4
  * Update d/copyright

golang-1.12 (1.12~beta1-3) unstable; urgency=medium

  [ Anthony Fok ]
  * Add patch "unix: fix Fstatat by using fillStat_t on linux/mips64x"
    This fixes the "Fstatat: returned stat does not match Stat/Lstat"
    errors detected by TestFstatat.
    See https://go-review.googlesource.com/c/sys/+/155747

  [ Dr. Tobias Quathamer ]
  * Add another lintian override

golang-1.12 (1.12~beta1-2) unstable; urgency=medium

  [ Anthony Fok ]
  * Add patch "cmd/compile: fix MIPS SGTconst-with-shift rules"
    by Cherry Zhang.  This fixes the root problem behind the
    "slice bounds out of range" build error seen in 1.11.4
    on mips and mipsel architectures.
    See https://go-review.googlesource.com/c/go/+/155798
  * Bump Standards-Version to 4.3.0 (no change)

  [ Dr. Tobias Quathamer ]
  * Do not compress favicon.ico.
    Thanks to Dato Simó <dato@debian.org> (Closes: #917132)

golang-1.12 (1.12~beta1-1) unstable; urgency=medium

  * New upstream major version.
    - Refresh patches
    - Add new patch to disable test for UserHomeDir
  * Switch team address to tracker.d.o
  * Add another lintian override for a false positive

golang-1.11 (1.11.4-1) unstable; urgency=medium

  * New upstream version 1.11.4
  * Make lintian override agnostic of golang version

golang-1.11 (1.11.3-1) unstable; urgency=medium

  * New upstream version 1.11.3
    - Refresh patches
  * Update gbp.conf to new style syntax
  * Suggest brz as alternative to bzr; it provides the same command-line API.
  * Add myself to Uploaders

golang-1.11 (1.11.2-2) unstable; urgency=medium

  * d/patches/arm64-arm64asm-recognise-new-ssbb-pssbb-mnemonics-fr.patch:
    backport workaround for objdump's support of newer mnemonics on arm64.

golang-1.11 (1.11.2-1) unstable; urgency=medium

  * Team upload.

  [ Michael Hudson-Doyle ]
  * New upstream major version.
  * Update debhelper compat level to 11.
  * Remove GOCACHE files after running tests.
  * Stop dh_strip_nondeterminism from looking at testdata directories.

  [ Dr. Tobias Quathamer ]
  * Build-Depend on debhelper v11
  * Override two false positive Lintian errors (missing depends
    on sensible-utils)
  * Add Lintian overrides for testdata
  * Include /usr/share/dpkg/architecture.mk for DEB_HOST_ARCH
  * Refresh patch for new upstream version
  * Fix Lintian warnings about wrong interpreter path
  * Make two scripts executable which have been missed by upstream
  * Remove three unneeded lintian overrides
  * Use HTTPS URL for d/watch
  * Update to Standards-Version 4.2.1
    - Use HTTPS for d/copyright
  * Update d/copyright

golang-1.10 (1.10.3-1) unstable; urgency=medium

  * New upstream version 1.10.3
  * Restore changelog entry for 1.10.1-3, and fix that for 1.10.2-1, oops.

golang-1.10 (1.10.2-1) unstable; urgency=medium

  * New upstream version 1.10.2.
    - d/patches/0003-Backport_nopie_fix.patch: removed, now included upstream.
    - d/patches/0004-Backport_mips_octeon3_fp_fix.patch: removed, also included
      upstream.

golang-1.10 (1.10.1-3) unstable; urgency=high

  * Team upload.

  [ Michael Hudson-Doyle ]
  * Install the 'misc' and 'api' directories as part of the golang-1.10-src
    package as some tools (vgo, go tool trace) expect them to be there.
    (Closes: 894992¸ LP: #1743598)

  [ Martín Ferrari ]
  * Backport fix for FP bug in mips/Octeon III. Closes: #892088. Raising
    severity.

golang-1.10 (1.10.1-2) unstable; urgency=medium

  * Team upload.
  * Backport patch that fixes FTBFS in arm64.
  * debian/copyright: Update attribution.
  * debian/source: Update lintian-overrides.

golang-1.10 (1.10.1-1) unstable; urgency=medium

  * New upstream version 1.10.1.
  * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: update patch tags
    to reference upstream discussion of this topic.
  * d/control, d/control.in: Update Vcs-* to point to salsa.

golang-1.10 (1.10-1) unstable; urgency=medium

  * New upstream version 1.10

golang-1.10 (1.10~rc2-1) unstable; urgency=medium

  * New upstream version, fixing CVE-2018-6574.
  * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch,
    d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch,
    d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
    removed, now included upstream.

golang-1.10 (1.10~rc1-2) unstable; urgency=medium

  * d/patches/0004-cmd-link-internal-loadelf-fix-logic-for-computing-EL.patch:
    Backport from upstream to fix build issues on armhf (causes ftbfs on
    Ubuntu but not Debian for some reason, but could produce broken binaries
    on Debian too).

golang-1.10 (1.10~rc1-1) unstable; urgency=medium

  * New upstream version 1.10~rc1.
  * d/patches/0004-cmd-dist-use-buildmode-pie-for-pie-testing.patch,
    d/patches/0006-misc-cgo-testcarchive-use-no-pie-where-needed.patch,
    d/patches/0003-Do-not-use-SP-as-index-reg.patch: removed, included upstream.
  * d/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch: refreshed.
  * d/patches/0001-os-signal-skip-TestTerminalSignal-if-posix_openpt-fa.patch:
    Add to fix test failure in chroot.
  * d/patches/0003-cmd-vendor-github.com-google-pprof-cherry-pick-fix-t.patch:
    Add to fix test failure when $HOME is not writable.
  * d/rules: Set GOCACHE to "off" during build to avoid shipping cache files.

golang-1.9 (1.9.2-4) unstable; urgency=medium

  * Enable building on mips, mipsel and mips64. (Closes: 879764)

golang-1.9 (1.9.2-3) unstable; urgency=medium

  * Remove workaround for now fixed debhelper bug #879762
  * Backport three patches from upstream to fix ftbfs on ppc64el with new kernel.

golang-1.9 (1.9.2-2) unstable; urgency=medium

  [ Martín Ferrari ]
  * Add debian/patches/0003-Do-not-use-SP-as-index-reg.patch (Closes: #877541)

golang-1.9 (1.9.2-1) unstable; urgency=medium

  * New upstream version 1.9.2
  * Work around debhelper bug #879762

golang-1.9 (1.9.1-2) unstable; urgency=medium

  * Update debian/copyright (Closes: #873740)

golang-1.9 (1.9.1-1) unstable; urgency=medium

  * New upstream release.
  * Use my @debian.org address in Uploaders.

golang-1.9 (1.9-1) unstable; urgency=medium

  [ Michael Hudson-Doyle ]
  * New upstream release.
  * Suppress some new lintian errors in golang-1.9-src.

  [ Michael Stapelberg ]
  * Add debian/patches/0002-reproducible-BUILD_PATH_PREFIX_MAP.patch

golang-1.8 (1.8.3-1) unstable; urgency=medium

  * New upstream release. (Closes: 863292, 863307)

golang-1.8 (1.8.1-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~rc3-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~rc2-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~rc1-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~beta2-1) unstable; urgency=medium

  * New upstream release.

golang-1.8 (1.8~beta1-1) unstable; urgency=medium

  * New upstream release.
  * Remove d/patches/cl-29995--tzdata-2016g.patch, included upstream.

golang-1.7 (1.7.4-1) unstable; urgency=medium

  * Update to 1.7.4 upstream release (Closes: #846545)
    - https://groups.google.com/d/topic/golang-announce/2lP5z9i9ySY/discussion
    - https://golang.org/issue/17965 (potential DoS vector in net/http)
    - golang/go@go1.7.3...go1.7.4

golang-1.7 (1.7.3-1) unstable; urgency=medium

  * New upstream release.
  * Delete d/patches/cl-28850.patch, applied upstream.

golang-1.7 (1.7.1-3) unstable; urgency=medium

  * Backport CL 29995 for tzdata 2016g changes (Closes: #839317)

golang-1.7 (1.7.1-2) unstable; urgency=medium

  * Add upstream patch for s390x FTBFS

golang-1.7 (1.7.1-1) unstable; urgency=medium

  * New upstream release.
  * Re-enable tests on s390x now that gcc-6 has been fixed in unstable.

golang-1.7 (1.7-3) unstable; urgency=medium

  * Add "s390x" to Architectures

golang-1.7 (1.7-2) unstable; urgency=medium

  * Disable tests on armel.

golang-1.7 (1.7-1) unstable; urgency=medium

  * New upstream release.

golang-1.7 (1.7~rc4-1) unstable; urgency=medium

  * New upstream release.

golang-1.7 (1.7~rc3-1) unstable; urgency=medium

  [ Tianon Gravi ]
  * Remove outdated README files (README.source and README.Debian)

  [ Michael Hudson-Doyle ]
  * New upstream release.
  * Suppress inaccurate source-is-missing lintian warnings.
  * Update Standards-Version to 3.9.8 (no changes required).

golang-1.7 (1.7~rc2-1) unstable; urgency=medium

  * Update to 1.7rc2 upstream release.

golang-1.7 (1.7~rc1-1) unstable; urgency=medium

  [ Paul Tagliamonte ]
  * Use a secure transport for the Vcs-Git and Vcs-Browser URL

  [ Tianon Gravi ]
  * Update to 1.7rc1 upstream release (new packages, not used by default; see
    also src:golang-defaults)
  * Update Vcs-Git to reference a particular branch

golang-1.6 (1.6.2-2) unstable; urgency=medium

  * Update "golang-any" in "Build-Depends" to fallback to "golang-go | gccgo"
    (will help with backporting)

golang-1.6 (1.6.2-1) unstable; urgency=medium

  * Update to 1.6.2 upstream release (Closes: #825696)
  * Build-Depend on golang-any instead of golang-go (Closes: #824421)

golang-1.6 (1.6.1-1) unstable; urgency=medium

  * Build golang version-specific packages (Closes: #818415)
  * Things that (conceptually at least) move to new golang version independent
    golang-defaults source package:
    - Man pages.
    - Suggesting golang-golang-x-tools.
    - Breaks/Replace-ing of old golang-go-$GOOS-$GOARCH packages.
  * Stop using alternatives to manage /usr/bin/go.
  * sed trickery in debian/rules to support easy changes to new golang versions.

golang (2:1.6.1-2) unstable; urgency=medium

  * Don't strip testdata files, causes build failures on some platforms.

golang (2:1.6.1-1) unstable; urgency=medium

  [ Michael Hudson-Doyle ]
  * Breaks/Replaces: older golang-golang-x-tools, not Conflicts, to ensure
    smooth upgrades.
  * Strip the binaries as it has worked for the last five years or so and
    upstream sees no reason to disable it.

  [ Tianon Gravi ]
  * Update to 1.6.1 upstream release (Closes: #820369)
    - Fix CVE-2016-3959: infinite loop in several big integer routines

golang (2:1.6-1) unstable; urgency=medium

  * Update to 1.6 upstream release (thanks Hilko!)
    - change "ar" arguments to quiet spurious warnings while using gccgo
      (Closes: #807138)
    - skip multicast listen test (Closes: #814849)
    - skip userns tests when chrooted (Closes: #807303)
    - use correct ELF header for armhf binaries (Closes: #734357)
    - Update debian/rules clean for new location of generated file.

  [ Michael Hudson-Doyle ]
  * Respect "nocheck" in DEB_BUILD_OPTIONS while building to skip tests
    (Closes: #807290)
  * Trim Build-Depends (Closes: #807299)
  * Fix several minor debian/copyright issues (Closes: #807304)
  * Remove inconsistently included race-built packages (Closes: #807294)

  [ Tianon Gravi ]
  * Add "-k" to "run.bash" invocation so that we do a full test run every time

golang (2:1.5.3-1) unstable; urgency=high

  * Update to 1.5.3 upstream release
    - Fix CVE-2015-8618: Carry propagation in Int.Exp Montgomery code in
      math/big library (Closes: #809168)
  * Add "Breaks" to properly complement our "Replaces" (Closes: #810595)

golang (2:1.5.2-1) unstable; urgency=medium

  * Update to 1.5.2 upstream release (Closes: #807136)

golang (2:1.5.1-4) unstable; urgency=medium

  * Add Conflicts to force newer golang-go.tools too (Closes: #803559)

golang (2:1.5.1-3) unstable; urgency=medium

  * Remove architecture qualification on golang-go Build-Depend now that
    golang-go is available for more architectures.

golang (2:1.5.1-2) unstable; urgency=medium

  * Add Conflicts to force newer golang-golang-x-tools (Closes: #802945).

golang (2:1.5.1-1) unstable; urgency=medium

  * Upload to unstable.
  * Update to 1.5.1 upstream release (see notes from experimental uploads for
    what's changed).
  * Skip tests on architectures where the tests fail.

golang (2:1.4.3-3) unstable; urgency=medium

  * Fix FTBFS for non-amd64 architectures due to handling of "-race".

golang (2:1.5.1-1~exp2) experimental; urgency=medium

  * Upload to experimental.
  * Add arch-qualifiers to "golang-go" build-depends to unblock the buildds
    (Closes: #800479); thanks Tim!

golang (2:1.4.3-2) unstable; urgency=medium

  * Update Recommends/Suggests, especially to add gcc, etc.
  * Refactor "debian/rules" to utilize debhelper more effectively, especially
    for arch vs indep building (mostly backported from the 1.5+ changes), which
    fixes the "arch:all" FTBFS.

golang (2:1.5.1-1~exp1) experimental; urgency=low

  * Upload to experimental.
  * Update to 1.5.1 upstream release (Closes: #796150).
    - Compiler and runtime written entirely in Go.
    - Concurrent garbage collector.
    - GOMAXPROCS=runtime.NumCPU() by default.
    - "internal" packages for all, not just core.
    - Experimental "vendoring" support.
    - Cross-compilation no longer requires a complete rebuild of the stdlib in
      GOROOT, and thus the golang-go-GOHOST-GOARCH packages are removed.
  * Sync debian/copyright with the Ubuntu delta. (thanks doko!)
  * Remove patches that no longer apply.
  * Add more supported arches to "debian/rules" code for detecting
    appropriate GOARCH/GOHOSTARCH values; thanks mwhudson and tpot!
    (Closes: #799907)
  * Refactor "debian/rules" to utilize debhelper more effectively, especially
    for arch vs indep building.
  * Move "dpkg-architecture" to "GOOS"/"GOARCH" code into a simple shell script
    for easier maintenance.

golang (2:1.4.3-1) unstable; urgency=medium

  * New upstream version (https://golang.org/doc/devel/release.html#go1.4.minor)
    - includes previous CVE and non-CVE security fixes, especially
      TEMP-0000000-1C4729

golang (2:1.4.2-4) unstable; urgency=high

  * Apply backported CVE fixes (Closes: #795106).
    - CVE-2015-5739: Invalid headers are parsed as valid headers
    - CVE-2015-5740: RFC 7230 3.3.3 4 violation
    - CVE-2015-5741: other discoveries of security-relevant RFC 7230 violations

golang (2:1.4.2-3) unstable; urgency=medium

  * Add missing "prerm" for our new alternatives (thanks piuparts).

golang (2:1.4.2-2) unstable; urgency=medium

  * Move "go" and "gofmt" into "/usr/lib/go" and use alternatives to provide
    appropriate symlinks (Closes: #779503, #782301).
  * Relax "golang-go.tools" relationship to Suggests (from Recommends).
  * Add "go get" VCS options to Suggests for golang-go (bzr, git, mercurial,
    subversion).

golang (2:1.4.2-1) unstable; urgency=medium

  * New upstream version
    (https://golang.org/doc/devel/release.html#go1.4.minor)

golang (2:1.4.1-1~exp1) experimental; urgency=low

  * New upstream version (https://golang.org/doc/go1.4)
    - all editor support files have been removed from misc/ upstream upstream,
      so golang-mode, kate-syntax-go, and vim-syntax-go can no longer be
      provided; see https://github.com/golang/go/wiki/IDEsAndTextEditorPlugins
      for an upstream-maintained list of potential replacements

golang (2:1.3.3-1) unstable; urgency=medium

  * New upstream version (https://code.google.com/p/go/source/list?name=go1.3.3)
    - time: removed from tests now obsolete assumption about Australian tz
      abbreviations
    - net: temporarily skip TestAcceptIgnoreSomeErrors
    - runtime: hide cgocallback_gofunc calling cgocallbackg from linker
    - runtime: fix GOTRACEBACK reading on Windows, Plan 9
    - nacltest.bash: unset GOROOT
    - cmd/5l, cmd/6l, cmd/8l: fix nacl binary corruption bug
  * Add Paul and myself as uploaders. Many, many thanks to Michael for his work
    so far on this package (and hopefully more to come).

golang (2:1.3.2-1) unstable; urgency=medium

  * New upstream version

golang (2:1.3.1-1) unstable; urgency=medium

  * New upstream version

golang (2:1.3-4) unstable; urgency=medium

  [ Tianon Gravi ]
  * update debian/watch for upstream's latest move (Closes: #756415)
  * backport archive/tar patch to fix PAX headers (Closes: #756416)

golang (2:1.3-3) unstable; urgency=medium

  * don’t depend on emacs23, depend on emacs instead (Closes: #754013)
  * install include/ in golang-src, VERSION in golang-go (Closes: #693186)

golang (2:1.3-2) unstable; urgency=medium

  * Add /usr/lib/go/test symlink
  * Build with GO386=387 to favor the 387 floating point unit over sse2
    instructions (Closes: #753160)
  * Add debian/patches/0001-backport-delete-whole-line.patch to fix a
    deprecation warning about flet in the emacs part of golang-mode
    (Closes: #753607)
  * Migrate to emacsen >2 (Closes: #753607)
  * Backport two patches to improve archive/tar performance (for docker):
    debian/patches/0002-archive-tar-reuse-temporary-buffer-in-writeHeader.patch
    debian/patches/0003-archive-tar-reuse-temporary-buffer-in-readHeader.patch

golang (2:1.3-1) unstable; urgency=medium

  * New upstream version.
  * Drop patches merged upstream:
    - debian/patches/add-tar-xattr-support.patch
    - debian/patches/add-tar-xattr-support.patch
  * Fix debian/watch (Thanks Tianon) (Closes: #748290)
  * Remove dangling symlink /usr/lib/go/lib/godoc (Closes: #747968)

golang (2:1.2.1-2) unstable; urgency=low

  * Re-apply debian/patches/add-tar-xattr-support.patch which got lost when
    uploading 1.2.1-1; sorry about that.

golang (2:1.2.1-1) unstable; urgency=low

  * New upstream release.

golang (2:1.2-3) unstable; urgency=low

  * add debian/patches/add-tar-xattr-support.patch to have xattr support in
    tar (cherry-picked from upstream) (Thanks proppy) (Closes: #739586)

golang (2:1.2-2) unstable; urgency=low

  * add patches/add-src-pkg-debug-elf-testdata-hello.patch to provide source
    for the testdata/ ELF binaries (Closes: #716853)

golang (2:1.2-1) unstable; urgency=low

  * New upstream release.
  * drop patches/archive-tar-fix-links-and-pax.patch, it is merged upstream
  * godoc(1) is now in the Debian package golang-go.tools, it was moved into a
    separate repository by upstream.
  * move patches/godoc-symlinks.diff to golang-go.tools

golang (2:1.1.2-3) unstable; urgency=low

  * cherry-pick upstream commit: archive-tar-fix-links-and-pax.patch
    (Closes: #730566)

golang (2:1.1.2-2) unstable; urgency=low

  * Build golang-go-linux-* for each architecture (Thanks James Page)
    (Closes: #719611)
  * Update lintian-overrides to override statically-linked-binary and
    unstripped-binary-or-object for all of golang-go

golang (2:1.1.2-1) unstable; urgency=low

  * New upstream release.
  * Relicense debian/ under the Go license to match upstream. All copyright
    holders agreed to this. (Closes: #716907)
  * golang-mode: don’t install for a number of emacs versions which are not
    supported upstream (Thanks Kevin Ryde) (Closes: #702511, #717521)

golang (2:1.1.1-4) unstable; urgency=low

  * Disable stripping, it breaks go binaries on some architectures. This drops
    the golang-dbg package which would be empty now. (Thanks Robie Basak)
    (Closes: #717172)

golang (2:1.1.1-3) unstable; urgency=low

  * Ship */runtime/cgo.a in golang-go to ensure it is present. It can only be
    used on the native architecture anyway (cannot be used when
    cross-compiling), so having it in golang-go-$GOOS-$GOARCH is not
    necessary. Even worse, since these packages are arch: all, they will be
    built precisely once, and only the runtime/cgo.a for the buildd’s native
    arch will be present. (Closes: #715025)

golang (2:1.1.1-2) unstable; urgency=low

  [ James Page ]
  * Ensure smooth upgrade path from << 2:1.1-2 (Closes: #714838)

golang (2:1.1.1-1) unstable; urgency=low

  * Imported Upstream version 1.1.1

golang (2:1.1-2) unstable; urgency=low

  [ Ondřej Surý ]
  * Promote Michael to Maintainer

  [ Michael Stapelberg ]
  * Build golang-go-$GOOS-$GOARCH packages for cross-compiling (Closes: #710090)
  * Build race detector on linux/amd64 (only supported arch) (Closes: #710691)
  * Switch compression to xz (50% smaller binaries)

golang (2:1.1-1) unstable; urgency=low

  * New upstream release: Go 1.1!
  * Remove the long obsolete goinstall debconf question and config file.
    goinstall does not exist anymore since a long time.
    This also obsoletes the need for any translations
    (Closes: #685923, #692478)
  * Emacs go-mode auto-mode-alist entry was fixed upstream (Closes: #670371)

golang (2:1.1~hg20130405-1) experimental; urgency=low

  * Provide a new hg tip snapshot. This includes what was recently released as
    Go 1.1 beta.

golang (2:1.1~hg20130323-1) experimental; urgency=low

  * Provide a new hg tip snapshot.
  * Add debian/watch (Closes: #699698)

golang (2:1.1~hg20130304-2) experimental; urgency=low

  * Fix FTBFS of binary-arch only builds (as performed by buildds)
    caused by 'rm' not finding jquery.js in golang-doc
    (Thanks Peter Green)

golang (2:1.1~hg20130304-1) experimental; urgency=low

  * Provide a hg tip snapshot (2013-03-04) in Debian experimental.
    Current hg tip is a good approximation to Go 1.1 and should get
    some testing within Debian in order to package Go 1.1 well when
    it is released. Thanks to Andrew Gerrand.

golang (2:1.0.2-2) unstable; urgency=low

  * Add myself to uploaders, as discussed in #683421.
  * cherry-pick r820ffde8c396 (net/http: non-keepalive connections close
    successfully) (Closes: #683421)

golang (2:1.0.2-1.1) unstable; urgency=low

  * Non-maintainer upload. (as discussed with Ondřej in #679692)
  * Fix godoc-symlinks.diff (godoc didn’t find docs) (Closes: #679692)

golang (2:1.0.2-1) unstable; urgency=low

  [ Ondřej Surý ]
  * Imported Upstream version 1.0.2
  * Update Vcs fields to reflect new git repository location
  * Kill get-orig-source, since 1.0.0, the tarballs can be downloaded from
    webpage

  [ Michael Stapelberg ]
  * golang-mode: use debian-pkg-add-load-path-item (Closes: #664802)
  * add manpages (Closes: #632964)
  * Use updated pt.po from Pedro Ribeiro (Closes: #674958)

golang (2:1.0.1-1) unstable; urgency=low

  * Imported Upstream version 1.0.1
  * Apply godoc patch to display package list correctly (Closes: #669354)

golang (2:1-6) unstable; urgency=low

  * Merge upstream patch to fix homedir issue
    (http://code.google.com/p/go/source/detail?r=709120aecee0)
  * Disable GNU/KFreeBSD build (Closes: #668794)

golang (2:1-5) unstable; urgency=low

  * Rewrite test conditions to make them more readable
    (and fix the debian/rules to really not check on armel+kfreebsd)
  * Patch upstream test to not fail on missing home directory

golang (2:1-4) unstable; urgency=low

  * Disable tests on Debian GNU/KFreeBSD, they just hang now (Closes: #668794)
  * Disable tests on armel, but the invalid instruction needs fixing in
    upstream
  * Create fake home directory to pass the os/user test

golang (2:1-3) unstable; urgency=high

  * Use VERSION provided by upstream for packaging purposes
  * Run tests as a part of a build process
  * Install full src tree (except pkg/debug) because go command depend
    on sources available
  * Install sources without testdata and *_test.go
  * Remove circular dependency golang-go->golang-doc->golang-go
  * Make sure that timestamp on installed binaries and libraries is same
    because go build/install recompiles everything if the go binary has
    more recent timestamp than libraries (Closes: #668235)
    + Need to update timestamps at postinst time because already created
      directories can have time in the past
  * Fix couple of lintian errors and warnings

golang (2:1-2) unstable; urgency=low

  * Remove preserving of old -tools settings, there are too many options
    now anyway (Closes: #666007)

golang (2:1-1) unstable; urgency=low

  * New major upstream release Go 1 (Closes: #666942)
  * Bumb epoch to 2, since 1 < 60 < 2011 (I wonder if next version will be 0 :)
  * Debconf templates and debian/control reviewed by the debian-l10n-
    english team as part of the Smith review project. (Closes: #663181)
  * [Debconf translation updates]
    + Pick existing translations from golang-weekly and do appropriate
      sed magic to fit golang templates. (Closes: #666884, #666880, #666881)
    + Dutch; (Jeroen Schot).  (Closes: #664598)
    + Czech (Michal Simunek).  (Closes: #665385)
    + Spanish; (Camaleón).  (Closes: #666177)
    + Danish (Joe Hansen).  (Closes: #666526)

golang (1:60.3-2) unstable; urgency=low

  * debconf-gettextize package templates

golang (1:60.3-1) unstable; urgency=low

  * Imported Upstream version 60.3

golang (1:60.2-1) unstable; urgency=low

  * Imported Upstream version 60.2

golang (1:60.1-1) unstable; urgency=low

  * Imported Upstream version 60.1

golang (1:60-1) unstable; urgency=low

  * Imported Upstream version 60
  * Save upstream VERSION to the archive
  * Use GOVERSION as generated by src/version.bash on hg archive time
  * Add support for goinstall dashboard debconf question in the Debian
    packaging
  * Read goinstall dashboard option from debian configuration file
  * Remove 005-goinstall_dont_call_home_by_default.patch; replaced by
    configuration option
  * Fix directory name for upstream archive checkout

golang (1:59-1) unstable; urgency=low

  * Imported Upstream version 59
  * Refresh patches to a new release
  * Fix FTBFS on ARM (Closes: #634270)
  * Update version.bash to work with Debian packaging and not hg
    repository

golang (1:58.1-2) unstable; urgency=low

  * Install golang-doc package by default (Recommends from golang-tools,
    Depends from golang)

golang (1:58.1-1) unstable; urgency=low

  * Imported Upstream version 58.1

golang (1:58-1) unstable; urgency=low

  * Imported Upstream version 58
    + Add NEWS file with upstream API changes
  * Remove patch to not update standard package, fixed in upstream

golang (1:57.2-1) unstable; urgency=low

  * Imported Upstream version 57.2
  * More spelling fixes (Closes: #630660)

golang (1:57.1-4) unstable; urgency=low

  * Description update to have proper articles and capitalization
    (Closes: #630189)
  * Add extended description about Go being experimental and that the
    languager can change between releases

golang (1:57.1-3) unstable; urgency=low

  * Fix "the Google's Go implementation" in extended description
    (Closes: #627814)
  * Update Vcs-* links
  * Install vim ftplugin files into correct directory (Closes: #629844)

golang (1:57.1-2) unstable; urgency=low

  * Bump standards version to 3.9.2
  * Capitalize Kate (Closes: #627036)
  * Import slightly modified patch to be more clear about $GOPATH
    installs for non-root users
  * Remove don't install deps patch from goinstall; deprecated by
    $GOPATH installs

golang (1:57.1-1) unstable; urgency=low

  * Add support for dot-minor releases
  * Imported Upstream version 57.1

golang (1:57-3) unstable; urgency=low

  [ Florian Weimer ]
  * golang-tools: install gofix binary

  [ Ondřej Surý ]
  * Add lintian-overrides for gofix binary

golang (1:57-2) unstable; urgency=low

  * Remove weekly code from debian/rules
  * Add golang meta-package
  * Don't create tool chain symlinks twice
  * Make debian/rules more generic for simpler sync between weekly
    and release branches

golang (1:57-1) unstable; urgency=low

  * Imported Upstream version r57
  * Bumped epoch version to 1, to convert from date based versions
    to release number based version
  * Allow release to migrate to testing (Closes: #624408)
  * Add kate and vim syntax highlighting (Closes: #624544)
  * Add -dbg package with debugging symbols

golang (2011.04.27-2) unstable; urgency=low

  * Fix yet another build failure on kfreebsd (use linux userspace)

golang (2011.04.27-1) unstable; urgency=low

  * Imported Upstream version 2011.04.27
  * Update debian/rules to allow pulling weekly upstream releases
  * Don't remove RUNPATH from binaries; fixed upstream (golang#1527)
  * Set GOHOSTOS and GOHOSTARCH to match dpkg-architecture variables
  * Add support for kfreebsd-i386, kfreebsd-amd64, armel and armhf
    architectures
    + 006-fix_kfreebsd_build.patch:
      - Add GNU/KFreeBSD support by replacing all uname calls by $(GOOS)
    + 007-use_native_dynamic_linker_on_kfreebsd.patch:
      - Use native kfreebsd dynamic linker (/lib/ld-*.so.1)
  * Add information about available architectures (Closes: #623877)
  * Don't strip gotest
  * Add Depends: golang-go to golang-tools
  * Add better support for armhf

golang (2011.04.13-1) unstable; urgency=low

  [ Florian Weimer ]
  * Delete bin directory in clean target
  * Enable parallel build
  * golang-src: install source files directly
  * Use proper symlink targets for architecture-independent toolchain
    names
  * Emacs mode: indent keys in struct literals properly

  [ Ondřej Surý ]
  * Imported Upstream weekly version 2011.04.13
  * Update patches to new weekly release
  * Add lintian-override for gotest binary

golang (2011.03.07.1-1) unstable; urgency=low

  * Imported Upstream version 2011.03.07.1
  * Install to /usr/lib/go
  * Remove xkcd strip to get rid of CC-NC-BY
  * Update golang-src.install to new upstream
  * Remove 002-use_GOROOT_FINAL_in_generated_binaries.patch; merged
    upstream
  * Make all .go files no-executable
  * Update lintian-overrides to include both types of syntax

golang (2011.02.15-2) unstable; urgency=low

  [ Ondřej Surý ]
  * Add ${misc:Depends} to golang-mode to shutup lintian
  * Rehaul build system and add golang-src package with .go source files
  * goinstall: do not automatically install prerequisities
  * goinstall: don't report to dashboard by default
  * Add a README.Debian about local modifications to goinstall
  * Add warning about local modifications also directly to goinstall command

  [ Florian Weimer ]
  * Fix syntax error in 004-
    dont_reinstall_dependencies_in_goinstall.patch

golang (2011.02.15-1) unstable; urgency=low

  [ Obey Arthur Liu ]
  * Added pkg-google git repo to control file

  [ Florian Weimer ]
  * Build golang-mode package

  [ Ondřej Surý ]
  * Imported Upstream version 2011.02.15
  * Don't compress godoc documentation
  * Correctly use $GOROOT_FINAL in the build chain
  * Remove RPATH/RUNPATH from go binaries

golang (2011.02.01.1-1) unstable; urgency=low

  [ Ivan Wong ]
  * Initial release (Closes: #574371)

  [ Jonathan Nieder ]
  * Fill out copyright file
  * Rewrite debian/rules using dh driver
  * debian: fix get-orig-source rule
  * debian: do not install extra files on repeated build
  * debian: fix reversed ‘if’
  * debian: do not leave around stale debian/env.sh+ file
  * debian: Build-Depends on awk instead of gawk
  * debian: add run-time dependency on perl
  * debian: add build-time dependency on perl
  * debian: fix setting of GOARM on arm
  * debian: do not compress files in web page
  * debian: install favicon

  [ Ondřej Surý ]
  * Make myself a maintainer
  * Add patch to allow IPv4 on IPv6 sockets (Courtesy of Florian Weimer)
  * Use GOROOT_FINAL and change GOBIN to /usr/bin
  * Get rid of env.sh and wrappers
  * Add support for building in i386 pbuilder on amd64 architecture
  * Rename source package to golang to match upstream repository name
  * Add golang-doc package
  * Split package into compiler, docs and tools
  * Don't install quietgcc and hgpatch
  * Don't generate fake gomake
  * Update golang-doc package
  * Export GOHOSTARCH and GOHOSTOS
  * Disable build time checks
  * Fail on missed installed files
  * Revert s{tmp{golang-go{ change in DESTDIR
  * Relicence debian/ files from versionless GPL to GPL-3
  * Move golang-doc to doc section
  * Add more lintian overrides for Go binaries
  * Install all 6,8,5 variants of commands
  * Install golang-* symlinks for 6,8,5* commands
  * Don't strip govet as well
  * Remove ${shlibs:Depends} where it doesn't belong
  * Move more html files to golang-doc package
  * Remove codereview directory - some python code to deal with mercurial
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked pull requests

Successfully merging a pull request may close this issue.

None yet