Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
934beb79 by Moritz Muehlenhoff at 2022-08-10T11:03:07+02:00
golang-1.17 fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14960,7 +14960,7 @@ CVE-2022-32190
CVE-2022-32189 (A too-short encoded message can cause a panic in
Float.GobDecode and R ...)
- golang-1.19 1.19-1
- golang-1.18 1.18.5-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53871
@@ -15055,7 +15055,7 @@ CVE-2022-32149
CVE-2022-32148 (Improper exposure of client IP addresses in net/http before Go
1.17.12 ...)
- golang-1.19 1.19~rc1-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://github.com/golang/go/issues/53423
@@ -15093,7 +15093,7 @@ CVE-2022-29519 (Cleartext transmission of sensitive
information vulnerability ex
CVE-2022-1962 (Uncontrolled recursion in the Parse functions in go/parser
before Go 1 ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53616
@@ -19383,7 +19383,7 @@ CVE-2022-30636
CVE-2022-30635 (Uncontrolled recursion in Decoder.Decode in encoding/gob
before Go 1.1 ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53615
@@ -19404,7 +19404,7 @@ CVE-2022-30634 (Infinite loop in Read in crypto/rand
before Go 1.17.11 and Go 1.
CVE-2022-30633 (Uncontrolled recursion in Unmarshal in encoding/xml before Go
1.17.12 ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53611
@@ -19414,7 +19414,7 @@ CVE-2022-30633 (Uncontrolled recursion in Unmarshal in
encoding/xml before Go 1.
CVE-2022-30632 (Uncontrolled recursion in Glob in path/filepath before Go
1.17.12 and ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53416
@@ -19424,7 +19424,7 @@ CVE-2022-30632 (Uncontrolled recursion in Glob in
path/filepath before Go 1.17.1
CVE-2022-30631 (Uncontrolled recursion in Reader.Read in compress/gzip before
Go 1.17. ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53168
@@ -19434,7 +19434,7 @@ CVE-2022-30631 (Uncontrolled recursion in Reader.Read
in compress/gzip before Go
CVE-2022-30630 (Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and
Go 1.18. ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53415
@@ -19489,7 +19489,7 @@ CVE-2022-26834 (Improper access control vulnerability
in Rakuten Casa version AP
CVE-2022-1705 (Acceptance of some invalid Transfer-Encoding headers in the
HTTP/1 cli ...)
- golang-1.19 1.19~rc1-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53188
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/934beb799c5059b1ea91f8c1ca235f09da8e666e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/934beb799c5059b1ea91f8c1ca235f09da8e666e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
