Your message dated Wed, 04 Mar 2026 17:34:53 +0000
with message-id <[email protected]>
and subject line Bug#1129258: fixed in golang-github-go-chi-chi 5.2.5-1
has caused the Debian Bug report #1129258,
regarding golang-github-go-chi-chi: CVE-2025-69725
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1129258: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129258
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: golang-github-go-chi-chi
Version: 5.2.3-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Hi,
The following vulnerability was published for golang-github-go-chi-chi.
CVE-2025-69725[0]:
| An Open Redirect vulnerability in the go-chi/chi >=5.2.2
| RedirectSlashes function allows remote attackers to redirect victim
| users to malicious websites using the legitimate website domain.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2025-69725
https://www.cve.org/CVERecord?id=CVE-2025-69725
[1] https://github.com/go-chi/chi/security/advisories/GHSA-mqqf-5wvp-8fh8
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: golang-github-go-chi-chi
Source-Version: 5.2.5-1
Done: Mathias Gibbens <[email protected]>
We believe that the bug you reported is fixed in the latest version of
golang-github-go-chi-chi, which is due to be installed in the Debian FTP
archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Mathias Gibbens <[email protected]> (supplier of updated
golang-github-go-chi-chi package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 04 Mar 2026 15:37:05 +0000
Source: golang-github-go-chi-chi
Architecture: source
Version: 5.2.5-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team <[email protected]>
Changed-By: Mathias Gibbens <[email protected]>
Closes: 1129258
Changes:
golang-github-go-chi-chi (5.2.5-1) unstable; urgency=medium
.
* Team upload
* New upstream release
- Includes fix for CVE-2025-69725 (Closes: #1129258)
* Update Standards-Version to 4.7.3 in d/control, drop Priority field
Checksums-Sha1:
4e59e3ba8cc51a40c9feca5e63109afcb7a31a88 2209
golang-github-go-chi-chi_5.2.5-1.dsc
32fddda365a1d7bcf1a096382c0f5a2b96b406eb 89207
golang-github-go-chi-chi_5.2.5.orig.tar.gz
6357e866c35bd16c172fd31b91796fc94da51e14 2584
golang-github-go-chi-chi_5.2.5-1.debian.tar.xz
08f580714d1ba3f5e35646bb63b1c3d85a878f43 6031
golang-github-go-chi-chi_5.2.5-1_amd64.buildinfo
Checksums-Sha256:
b17ab7f840068a9bafa97b3d18c269610dd279d63dd9015cc0f524b0718e41e2 2209
golang-github-go-chi-chi_5.2.5-1.dsc
2b0a87b1e7da504b534d7e8a2bb6e6d0781b63a2839270ad17fab12fe8c24e47 89207
golang-github-go-chi-chi_5.2.5.orig.tar.gz
35e06496846db792df680c748393f22ceeaee60839844a7763bf094df58e5ba4 2584
golang-github-go-chi-chi_5.2.5-1.debian.tar.xz
6a9faf4994593c7aa9c4143182ddd68c75f2dc926d4f4aa995ab9c6fbb4c87f9 6031
golang-github-go-chi-chi_5.2.5-1_amd64.buildinfo
Files:
cda40360be580586713b0e18e28bfdbb 2209 golang optional
golang-github-go-chi-chi_5.2.5-1.dsc
02dcf6dde6ed4fa5c2afc4391af542d1 89207 golang optional
golang-github-go-chi-chi_5.2.5.orig.tar.gz
fa28196ee8bf213b76977115d16569a9 2584 golang optional
golang-github-go-chi-chi_5.2.5-1.debian.tar.xz
968ca10fe38aa042130cc92d6abfb63c 6031 golang optional
golang-github-go-chi-chi_5.2.5-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCgAwFiEE1Bp60H32xfynSJ8cKe7i1uz0QvkFAmmoaZ0SHGdpYm1hdEBk
ZWJpYW4ub3JnAAoJECnu4tbs9EL5fvAP/AgjHZnrt2vI0c4kS6f5gzyHy8qPb3bV
gxXiCi7YlbJZ4NQevZZMg5BS/10OxBG552vVhbtmASshTZsln1zLuHb0Sq9hWNGK
dtfZqXVKdDUP+dUDXAmVSMwHyOdrSj3J3F8O5WNBZ9QMRC9JY4iW3CIMoZRNfxu4
khchPZpAoURaLvhBEbYkdGxiWVL1pa7Y/8pGw9kf8/g2kkF7mDp0xGLK6EatkI1M
9LsD9WkZWRIQ1N5lZxVIyx+5vRC9GfWOLBavCRwzO+CWUC0nG4E2L7wY//3I5Sep
Ww+sWMGPG6D667zvoxvsVLY+aVqfZc2bZL3FpKS94ar6X4VYZLoaDG0d8XXLDa7m
Db54uV9tX2aToUjm3vLjwin25dOq2F96qG2mg0qJvLg0CsjN7foiGxnDLRhAU07t
JNDS3G0jblhASUceCXdU7Y1OfkPDUFi1Sct2we7KAvZgrikxD3ZbL352tSJqFDJv
r3t436tE3ZbxDt+GUMVox99PjJ/wHFqlVjVCw6kEfY6s8XyqCvojt3KRS06kMmE6
cphIozJbUy5Xn6o8BUsOB91HrLlUGRwmyGoxT/4bGTl2OjPIo884Tvc/+gMUFuBr
V22YPFqvyVNvBffhhESZkfOkKG/VsX/Hx55Zh3O3w3aW7EZ0mQLP3o/Y8oZsN7su
bu8KIRzdecoo
=xJx3
-----END PGP SIGNATURE-----
pgpFYNumXn1E7.pgp
Description: PGP signature
--- End Message ---
