Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
cdeb82d6 by Moritz Muehlenhoff at 2023-02-20T17:13:15+01:00
golang-github-labstack-echo n/a
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -46574,7 +46574,12 @@ CVE-2020-36567 (Unsanitized input in the default
logger in github.com/gin-gonic/
CVE-2020-36566 (Due to improper path santization, archives containing relative
file pa ...)
NOT-FOR-US: Go whyrusleeping/tar-utils
CVE-2020-36565 (Due to improper sanitization of user input on Windows, the
static file ...)
- TODO: check
+ - golang-github-labstack-echo <not-affected> (Windows-specific)
+ - golang-github-labstack-echo.v2 <not-affected> (Windows-specific)
+ - golang-github-labstack-echo.v3 <not-affected> (Windows-specific)
+ NOTE: https://github.com/labstack/echo/pull/1718
+ NOTE:
https://github.com/labstack/echo/commit/4422e3b66b9fd498ed1ae1d0242d660d0ed3faaa
+ NOTE: https://pkg.go.dev/vuln/GO-2021-0051
CVE-2020-36564 (Due to improper validation of caller input, validation is
silently dis ...)
TODO: check
CVE-2020-36563 (XML Digital Signatures generated and validated using this
package use ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdeb82d6b8051f569685bce25655fa98e9c6d4b3
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdeb82d6b8051f569685bce25655fa98e9c6d4b3
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
