[Git][security-tracker-team/security-tracker][master] 2 commits: CVE-2022-23773/golang: stretch not-affected

Sat, 02 Apr 2022 02:15:49 -0700 


Sylvain Beucler pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
020987e7 by Sylvain Beucler at 2022-04-02T11:15:16+02:00
CVE-2022-23773/golang: stretch not-affected

- - - - -
a16ee2c1 by Sylvain Beucler at 2022-04-02T11:15:16+02:00
dla: add golang

- - - - -


2 changed files:

- data/CVE/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -13483,7 +13483,9 @@ CVE-2022-23773 (cmd/go in Go before 1.16.14 and 1.17.x 
before 1.17.7 can misinte
        - golang-1.11 <removed>
        [buster] - golang-1.11 <no-dsa> (Minor issue)
        - golang-1.8 <removed>
+       [stretch] - golang-1.8 <not-affected> (vgo/modfetch module not present)
        - golang-1.7 <removed>
+       [stretch] - golang-1.7 <not-affected> (vgo/modfetch module not present)
        NOTE: https://github.com/golang/go/issues/35671
        NOTE: https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
        NOTE: 
https://github.com/golang/go/commit/fbcc30a2c9d076b27b4b411e2cec91ec13528081 
(go1.17.7)


=====================================
data/dla-needed.txt
=====================================
@@ -36,6 +36,9 @@ gerbv
   NOTE: 20220326: CVE-2021-40401 is fixed 
https://salsa.debian.org/lts-team/packages/gerbv/-/blob/debian/stretch/debian/patches/CVE-2021-40401.patch
 (Anton)
   NOTE: 20220326: CVE-2021-4040{0,2,3} do not have confirmed upstream fixes 
yet. (Anton)
 --
+golang
+  NOTE: 20220402: harmonize with bullseye/11.3 (Beuc)
+--
 golang-go.crypto
   NOTE: 20220331: rebuild reverse-dependencies if needed, e.g. DLA-2402-1 -> 
DLA-2453-1/DLA-2454-1/DLA-2455-1; also check buster status (Beuc)
 --



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ebaf941753e69c6485e3344ce6f01a92d394ff1d...a16ee2c1fdb7ebd4b76773cb8b4c0a65f0952b10

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/ebaf941753e69c6485e3344ce6f01a92d394ff1d...a16ee2c1fdb7ebd4b76773cb8b4c0a65f0952b10
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to