Shengjing Zhu pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e2b4d5eb by Shengjing Zhu at 2022-03-16T14:50:00+08:00
Track fixed version for golang-1.18 CVE-2022-24921
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6183,7 +6183,7 @@ CVE-2022-24923 (Improper access control vulnerability in
Samsung SearchWidget pr
CVE-2022-24922
RESERVED
CVE-2022-24921 (regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8
allows st ...)
- - golang-1.18 <unfixed>
+ - golang-1.18 1.18~rc1-1
- golang-1.17 1.17.8-1
- golang-1.15 <removed>
[bullseye] - golang-1.15 <no-dsa> (Minor issue)
@@ -6194,6 +6194,7 @@ CVE-2022-24921 (regexp.Compile in Go before 1.16.15 and
1.17.x before 1.17.8 all
NOTE: https://github.com/golang/go/issues/51112
NOTE: https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk
NOTE:
https://github.com/golang/go/commit/ac071634c487eb6ac5422652de3c7c18fba7c522
(go1.17.8)
+ NOTE:
https://github.com/golang/go/commit/452f24ae94f38afa3704d4361d91d51218405c0a
(go1.18rc1)
CVE-2022-24920
RESERVED
CVE-2022-24919 (An authenticated user can create a link with reflected
Javascript code ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2b4d5ebec58941e210ceabb064b1e62ac052931
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2b4d5ebec58941e210ceabb064b1e62ac052931
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
