[Git][security-tracker-team/security-tracker][master] one golang issue is Win-specific

Wed, 15 Feb 2023 10:42:02 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
90e99270 by Moritz Muehlenhoff at 2023-02-15T19:41:20+01:00
one golang issue is Win-specific
add references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32970,6 +32970,7 @@ CVE-2022-41725
        - golang-1.19 <unfixed>
        - golang-1.15 <removed>
        - golang-1.11 <removed>
+       NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
 CVE-2022-41724
        RESERVED
        - golang-1.20 1.20.1-1
@@ -32977,6 +32978,7 @@ CVE-2022-41724
        - golang-1.19 <unfixed>
        - golang-1.15 <removed>
        - golang-1.11 <removed>
+       NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
 CVE-2022-41723 [http2/hpack: avoid quadratic complexity in hpack decoding]
        RESERVED
        - golang-1.20 1.20.1-1
@@ -32985,13 +32987,14 @@ CVE-2022-41723 [http2/hpack: avoid quadratic 
complexity in hpack decoding]
        - golang-1.15 <removed>
        - golang-1.11 <removed>
        - golang-golang-x-net 1:0.7.0+dfsg-1
+       NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
 CVE-2022-41722
        RESERVED
-       - golang-1.20 1.20.1-1
-       [experimental] - golang-1.19 1.19.6-1
-       - golang-1.19 <unfixed>
-       - golang-1.15 <removed>
-       - golang-1.11 <removed>
+       - golang-1.20 <not-affected> (Windows-specific)
+       - golang-1.19 <not-affected> (Windows-specific)
+       - golang-1.15 <not-affected> (Windows-specific)
+       - golang-1.11 <not-affected> (Windows-specific)
+       NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
 CVE-2022-41721 (A request smuggling attack is possible when using 
MaxBytesHandler. Whe ...)
        - golang-golang-x-net 1:0.4.0+dfsg-1
        [bullseye] - golang-golang-x-net <not-affected> (Vulnerable code not 
present)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90e99270b29f3e2330271a4469e19e6f1fbf8223

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90e99270b29f3e2330271a4469e19e6f1fbf8223
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to