Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ac65735a by Salvatore Bonaccorso at 2023-04-10T13:26:31+02:00
Track fixed version for golang-1.19 issues via unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16732,7 +16732,7 @@ CVE-2023-24539
CVE-2023-24538 (Templates do not properly consider backticks (`) as Javascript
string ...)
- golang-1.20 1.20.3-1
[experimental] - golang-1.19 1.19.8-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.8-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8
@@ -16742,7 +16742,7 @@ CVE-2023-24538 (Templates do not properly consider
backticks (`) as Javascript s
CVE-2023-24537 (Calling any of the Parse functions on Go source code which
contains // ...)
- golang-1.20 1.20.3-1
[experimental] - golang-1.19 1.19.8-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.8-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8
@@ -16753,7 +16753,7 @@ CVE-2023-24537 (Calling any of the Parse functions on
Go source code which conta
CVE-2023-24536 (Multipart form parsing can consume large amounts of CPU and
memory whe ...)
- golang-1.20 1.20.3-1
[experimental] - golang-1.19 1.19.8-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.8-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8
@@ -16765,7 +16765,7 @@ CVE-2023-24535
CVE-2023-24534 (HTTP and MIME header parsing can allocate large amounts of
memory, eve ...)
- golang-1.20 1.20.3-1
[experimental] - golang-1.19 1.19.8-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.8-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/Xdv6JL9ENs8
@@ -16777,7 +16777,7 @@ CVE-2023-24533 (Multiplication of certain unreduced
P-256 scalars produce incorr
CVE-2023-24532 (The ScalarMult and ScalarBaseMult methods of the P256 Curve
may return ...)
- golang-1.20 1.20.2-1
[experimental] - golang-1.19 1.19.7-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.8-2
- golang-1.15 <removed>
[bullseye] - golang-1.15 <no-dsa> (Minor issue)
- golang-1.11 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac65735a2d8ad0f4c44dbf2f3828a4bc2dc6c72e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ac65735a2d8ad0f4c44dbf2f3828a4bc2dc6c72e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
