[Git][security-tracker-team/security-tracker][master] add golang packages present in oldstable as

Wed, 15 Jul 2020 04:01:26 -0700 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
98076146 by Moritz Muehlenhoff at 2020-07-15T13:00:39+02:00
add golang packages present in oldstable as <removed>

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -419,6 +419,9 @@ CVE-2020-15586
        RESERVED
        - golang-1.14 <unfixed>
        - golang-1.11 <removed>
+       - golang-1.8 <removed>
+       - golang-1.7 <removed>
+       - golang <removed>
        NOTE: 
https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ
 CVE-2020-15585
        RESERVED
@@ -4176,7 +4179,6 @@ CVE-2020-14039
        - golang-1.14 <not-affected> (Windows-specific)
        - golang-1.11 <not-affected> (Windows-specific)
        NOTE: 
https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ
-       TODO: check older versions than golang-1.11
 CVE-2020-XXXX [Editor: Ensure latest comments can only be viewed from public 
posts]
        - wordpress 5.4.2+dfsg1-1 (bug #962685)
        [buster] - wordpress 5.0.10+dfsg1-0+deb10u1
@@ -20816,11 +20818,13 @@ CVE-2020-7919 (Go before 1.12.16 and 1.13.x before 
1.13.7 (and the crypto/crypto
        - golang-1.13 1.13.7-1
        - golang-1.11 <removed>
        [buster] - golang-1.11 <postponed> (Minor issue, can be fixed along in 
next DSA)
+       - golang-1.8 <removed>
+       - golang-1.7 <removed>
+       - golang <removed>
        NOTE: https://github.com/golang/go/issues/36837
        NOTE: 
https://github.com/golang/go/commit/b13ce14c4a6aa59b7b041ad2b6eed2d23e15b574 
(master)
        NOTE: https://github.com/golang/go/issues/36838 (Go 1.13)
        NOTE: 
https://github.com/golang/go/commit/f938e06d0623d0e1de202575d16f1e126741f6e0 
(go1.13.7)
-       TODO: check older versions than golang-1.11
 CVE-2020-7918 (An insecure direct object reference in webmail in totemo 
totemomail 7. ...)
        NOT-FOR-US: totemo totemomail
 CVE-2020-7917



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/980761461e297d2b9bdfa1e67988762685c018a8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/980761461e297d2b9bdfa1e67988762685c018a8
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to