Shengjing Zhu pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
d679f1b4 by Shengjing Zhu at 2021-01-31T02:48:51+08:00
CVE-2020-29652 not affected in buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17504,10 +17504,12 @@ CVE-2020-29653
RESERVED
CVE-2020-29652 (A nil pointer dereference in the golang.org/x/crypto/ssh
component thr ...)
- golang-go.crypto 1:0.0~git20201221.eec23a3-1
+ [buster] - golang-go.crypto <not-affected> (Vulnerable code not present)
[stretch] - golang-go.crypto <not-affected> (Vulnerable code not
present)
- kubernetes <unfixed>
NOTE: https://go-review.googlesource.com/c/crypto/+/278852
NOTE: https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
+ NOTE: Introduced in:
https://github.com/golang/crypto/commit/cbcb750295291b33242907a04be40e80801d0cfc
(2019-05-10)
NOTE: k8s vendors a copy
CVE-2021-1985
RESERVED
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d679f1b4969e260ada885ade2e4005c6aad70366
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d679f1b4969e260ada885ade2e4005c6aad70366
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
