Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
03317990 by Moritz Muehlenhoff at 2023-06-15T12:32:35+02:00
golang-1.19 fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9384,7 +9384,7 @@ CVE-2023-29406
CVE-2023-29405 (The go command may execute arbitrary code at build time when
using cgo ...)
- golang-1.20 1.20.5-1
[experimental] - golang-1.19 1.19.10-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/q5135a9d924
@@ -9396,7 +9396,7 @@ CVE-2023-29405 (The go command may execute arbitrary code
at build time when usi
CVE-2023-29404 (The go command may execute arbitrary code at build time when
using cgo ...)
- golang-1.20 1.20.5-1
[experimental] - golang-1.19 1.19.10-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/q5135a9d924
@@ -9406,7 +9406,7 @@ CVE-2023-29404 (The go command may execute arbitrary code
at build time when usi
CVE-2023-29403 (On Unix platforms, the Go runtime does not behave differently
when a b ...)
- golang-1.20 1.20.5-1
[experimental] - golang-1.19 1.19.10-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/q5135a9d924
@@ -9416,7 +9416,7 @@ CVE-2023-29403 (On Unix platforms, the Go runtime does
not behave differently wh
CVE-2023-29402 (The go command may generate unexpected code at build time when
using c ...)
- golang-1.20 1.20.5-1
[experimental] - golang-1.19 1.19.10-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/q5135a9d924
@@ -9430,7 +9430,7 @@ CVE-2023-29401 (The filename parameter of the
Context.FileAttachment function is
CVE-2023-29400 (Templates containing actions in unquoted HTML attributes (e.g.
"attr={ ...)
- golang-1.20 1.20.4-1
[experimental] - golang-1.19 1.19.9-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
[bullseye] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
@@ -24348,7 +24348,7 @@ CVE-2023-0510
CVE-2023-24540 (Not all valid JavaScript whitespace characters are considered
to be wh ...)
- golang-1.20 1.20.4-1
[experimental] - golang-1.19 1.19.9-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
[bullseye] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
@@ -24360,7 +24360,7 @@ CVE-2023-24540 (Not all valid JavaScript whitespace
characters are considered to
CVE-2023-24539 (Angle brackets (<>) are not considered dangerous characters
when inser ...)
- golang-1.20 1.20.4-1
[experimental] - golang-1.19 1.19.9-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
[bullseye] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0331799079c0cdf7713907dfa616b394d7efb499
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0331799079c0cdf7713907dfa616b394d7efb499
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
