Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
265b646c by Moritz Muehlenhoff at 2023-02-17T19:35:11+01:00
golang-github-flynn-noise n/a
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -46045,7 +46045,9 @@ CVE-2022-2582 (The AWS S3 Crypto SDK sends an
unencrypted hash of the plaintext
[buster] - golang-github-aws-aws-sdk-go <postponed> (Limited support,
minor issue, hash leak, invasive, follow bullseye DSAs/point-releases)
NOTE:
https://github.com/aws/aws-sdk-go/commit/35fa6ddf45c061e0f08d3a3b5119f8f4da38f6d1
(v1.33.0)
CVE-2021-4239 (The Noise protocol implementation suffers from weakened
cryptographic ...)
- TODO: check
+ - golang-github-flynn-noise <not-affected> (Fixed with initial upload
to archive)
+ NOTE: https://github.com/flynn/noise/pull/44
+ NOTE: https://pkg.go.dev/vuln/GO-2022-0425
CVE-2021-4238 (Randomly-generated alphanumeric strings contain significantly
less ent ...)
- golang-github-masterminds-goutils <not-affected> (Fixed in initial
upload to the archive)
NOTE:
https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/265b646cad6d609b57d8c49d65468ed7d26387fe
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/265b646cad6d609b57d8c49d65468ed7d26387fe
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
