Sylvain Beucler pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fdaedd28 by Sylvain Beucler at 2022-09-13T09:57:42+02:00
CVE-2022-1705/golang: buster not-affected
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -26246,12 +26246,13 @@ CVE-2022-1705 (Acceptance of some invalid
Transfer-Encoding headers in the HTTP/
- golang-1.18 1.18.4-1
- golang-1.17 1.17.13-1
- golang-1.15 <removed>
- - golang-1.11 <removed>
+ - golang-1.11 <not-affected>
[buster] - golang-1.11 <no-dsa> (Limited support)
NOTE: https://go.dev/issue/53188
NOTE:
https://github.com/golang/go/commit/e5017a93fcde94f09836200bca55324af037ee5f
(go1.19rc1)
NOTE:
https://github.com/golang/go/commit/222ee24a0046ae61679f4d97967e3b4058a3b90e
(go1.18.4)
NOTE:
https://github.com/golang/go/commit/d13431c37ab62f9755f705731536ff74e7165b08
(go1.17.12)
+ NOTE: Introduced by
https://github.com/golang/go/commit/d5734d4f2dd1168dc3df94f2b9912299aea0c0ac
(go1.15beta1)
CVE-2022-1704 (Due to an XML external entity reference, the software parses
XML in th ...)
NOT-FOR-US: Ignition
CVE-2022-1703 (Improper neutralization of special elements in the SonicWall
SSL-VPN S ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdaedd28feece2b0c0e10f89118ed08f63aa8e66
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fdaedd28feece2b0c0e10f89118ed08f63aa8e66
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
