Brian May <b...@debian.org> writes: > Anyway, as this was marked as minor for golang-1.7 in Stretch, probably > also should be marked as minor for golang-golang-x-net-dev also...
According to https://security-tracker.debian.org/tracker/CVE-2019-9512, golang-golang-x-net-dev is a source package that is vulnerable. But golang-golang-x-net-dev is not a source package. In fact https://packages.debian.org/search?searchon=sourcenames&keywords=golang-golang-x-crypto-dev returns 0 results. golang-golang-x-net-dev is a binary package. The source package is called golang-go.crypto. This had really confusing me for a while. -- Brian May <b...@debian.org>
