Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
746b86d5 by Moritz Muehlenhoff at 2023-02-17T19:33:17+01:00
"new" golang-github-revel-revel issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -46063,7 +46063,11 @@ CVE-2021-4235 (Due to unbounded alias chasing, a
maliciously crafted YAML file c
CVE-2020-36569 (Authentication is globally bypassed in
github.com/nanobox-io/golang-na ...)
NOT-FOR-US: golang-nanoauth
CVE-2020-36568 (Unsanitized input in the query parser in
github.com/revel/revel before ...)
- TODO: check
+ - golang-github-revel-revel 1.0.0-1
+ NOTE: https://github.com/revel/revel/pull/1427
+ NOTE:
https://github.com/revel/revel/commit/d160ecb72207824005b19778594cbdc272e8a605
+ NOTE: https://github.com/revel/revel/issues/1424
+ NOTE: https://pkg.go.dev/vuln/GO-2020-0003
CVE-2020-36567 (Unsanitized input in the default logger in
github.com/gin-gonic/gin be ...)
- golang-github-gin-gonic-gin 1.6.3-1
[buster] - golang-github-gin-gonic-gin <postponed> (Limited support,
minor issue, follow bullseye DSAs/point-releases)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/746b86d5c021b3f7c9ffa419181a1fd6fdb6340a
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/746b86d5c021b3f7c9ffa419181a1fd6fdb6340a
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
