Package: golang-google-protobuf Version: 1.33.0-1 Hey Anthony,
I noticed that this upload breaks autopkgtest for golang-github-golang-protobuf-1-5, cf. https://tracker.debian.org/pkg/golang-google-protobuf 40s # github.com/golang/protobuf/protoc-gen-go/descriptor 682 <https://ci.debian.net/packages/g/golang-github-golang-protobuf-1-5/testing/amd64/44515037/#L682> 40s src/ github.com/golang/protobuf/protoc-gen-go/descriptor/descriptor.pb.go:106:61: undefined: descriptorpb.Default_FileOptions_PhpGenericServices 683 <https://ci.debian.net/packages/g/golang-github-golang-protobuf-1-5/testing/amd64/44515037/#L683> 40s google.golang.org/protobuf/reflect/protodesc 684 <https://ci.debian.net/packages/g/golang-github-golang-protobuf-1-5/testing/amd64/44515037/#L684> do you know what's going on here? This seems to block migration of quite a few other packages, including security updates for buildah and libpod. -rt On Tue, Mar 26, 2024 at 8:21 PM Debian FTP Masters < ftpmas...@ftp-master.debian.org> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA256 > > Format: 1.8 > Date: Tue, 26 Mar 2024 17:49:06 -0600 > Source: golang-google-protobuf > Architecture: source > Version: 1.33.0-1 > Distribution: unstable > Urgency: medium > Maintainer: Debian Go Packaging Team <team+pkg...@tracker.debian.org> > Changed-By: Anthony Fok <f...@debian.org> > Closes: 1065684 > Changes: > golang-google-protobuf (1.33.0-1) unstable; urgency=medium > . > * New upstream version 1.33.0 > . > encoding/protojson, internal/encoding/json: handle missing object > values > . > In internal/encoding/json, report an error when encountering a } > when we are expecting an object field value. For example, the input > `{"":}` now correctly results in an error at the closing } token. > . > In encoding/protojson, check for an unexpected EOF token in > skipJSONValue. This is redundant with the check in > internal/encoding/json, > but adds a bit more defense against any other similar bugs that > might exist. > . > Fixes CVE-2024-24786 (Closes: #1065684) > . > * DH_GOLANG_INSTALL_EXTRA: Update path to editions_defaults.binpb > which was moved from reflect/protodesc/ to internal/editiondefaults/ > Checksums-Sha1: > b4aaad31d00d1ab4eccdbf8624d3b7831a3ab61a 2381 > golang-google-protobuf_1.33.0-1.dsc > 9673951a743296d76d1a474871c2443f7a449ffc 812348 > golang-google-protobuf_1.33.0.orig.tar.xz > 5a249134d9e0c499bd70f8978155a5ccd2573eaf 4060 > golang-google-protobuf_1.33.0-1.debian.tar.xz > d65004dfe310321fe0bfacd5a7a9ff8f2bcf15bd 6838 > golang-google-protobuf_1.33.0-1_amd64.buildinfo > Checksums-Sha256: > 1274db27a31a56d97a94efd04ed288922bbe8dcc46cf2e805ced2cd423bb8a01 2381 > golang-google-protobuf_1.33.0-1.dsc > 40d83211cdfc25e1c13c6de527b33516c21d6ef48188070ff22f29330abe4f84 812348 > golang-google-protobuf_1.33.0.orig.tar.xz > 9469684733b7810b2a382ea2c0e801c4b0b4bd90bc41399e3a76d8760996ac03 4060 > golang-google-protobuf_1.33.0-1.debian.tar.xz > ce0906317aab1c72969211523151d466ac98416e798139c8a7eec0eacefb6aa7 6838 > golang-google-protobuf_1.33.0-1_amd64.buildinfo > Files: > 9f76d0ea63ae9eb01ff3917847cd8ebc 2381 golang optional > golang-google-protobuf_1.33.0-1.dsc > e102870db4b3dfb32af3ee85f427acad 812348 golang optional > golang-google-protobuf_1.33.0.orig.tar.xz > b7485bec7ce51cb4b820b7c0df1c3a6e 4060 golang optional > golang-google-protobuf_1.33.0-1.debian.tar.xz > 1e8b2ecc9959e7a38402e295616a05ef 6838 golang optional > golang-google-protobuf_1.33.0-1_amd64.buildinfo > > -----BEGIN PGP SIGNATURE----- > > iQJEBAEBCAAuFiEEFCQhsZrUqVmW+VBy6iUAtBLFms8FAmYDYDAQHGZva2FAZGVi > aWFuLm9yZwAKCRDqJQC0EsWazzzsD/sGWkFsY9HxvjV+I3uOVIJFVNXno5jjvq+K > r4gn+iZeL6lXXZEUe5i0o+qBAoLdTCQ0e7LYnDLxQVrlWi7NgVvME75O0TjsMX3s > F+eevszYhb0MKeXq0VFmBDv+ZHVQoVgsom/2QDzJ9G70M1FIYc4QjQ/cQZ3DtyLc > SOf6J/520TdIIx4SC8ht54874GVxehBCSBk+ZRh4qnJc8OZfgg6qISEy3zhzov12 > AEPc7E2mmjZJwF16V9X6MMRJteEy4j4fTfEQ9GpQ+Gg9rnXwYSupuSINISQ8adiV > t8K7NCy9SZh/SIkUjTXcHskobTlUmajpBzDfJvl/W/1+nnZKjcHfMq9JcS0T7pyf > Nee3zubnjdIA9212hO27ygJcoQrPNsZ2yhLEn74NMY8W+z5u15qtqi6qlQ/xVcb3 > kwvOtzd3pIUcD+RbN4w1tKcD5ATW5Tlo2awt7DkKHOAtbXNf42N2/jlJbHWeMjgB > wDHFH0lVs7mZQT16glt8cvSZPjJyqPKzeVfAR2rnkBz162qjNLndeycyyGGXS9Wd > gWvu/Yk3VJyf8N5g8Qb+EVJQxX6XPXSaWWMaxaSaJ8PBVW1V2+hPEuseuLY0sZHV > 4kk0e4GtlzbMRDuDTm3Yq4XWVFiwLbtl4kw07u0QpHW9vRmLwClnDa0REJ4aGtih > idTusSuIxg== > =Ph/5 > -----END PGP SIGNATURE----- > > -- regards, Reinhard