Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a6689a6b by Salvatore Bonaccorso at 2023-12-03T08:20:51+01:00
Mark golang-1.19 as removed from unstable
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -3736,7 +3736,7 @@ CVE-2023-41111 (An issue was discovered in Samsung Mobile
Processor, Wearable Pr
CVE-2023-45284 (On Windows, The IsLocal function does not correctly detect
reserved de ...)
- golang-1.21 1.21.4-1 (unimportant)
- golang-1.20 1.20.11-1 (unimportant)
- - golang-1.19 <unfixed> (unimportant)
+ - golang-1.19 <removed> (unimportant)
- golang-1.15 <removed> (unimportant)
- golang-1.11 <removed> (unimportant)
NOTE: https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY
@@ -3747,7 +3747,7 @@ CVE-2023-45284 (On Windows, The IsLocal function does not
correctly detect reser
CVE-2023-45283 (The filepath package does not recognize paths with a \??\
prefix as sp ...)
- golang-1.21 1.21.4-1 (unimportant)
- golang-1.20 1.20.11-1 (unimportant)
- - golang-1.19 <unfixed> (unimportant)
+ - golang-1.19 <removed> (unimportant)
- golang-1.15 <removed> (unimportant)
- golang-1.11 <removed> (unimportant)
NOTE: https://groups.google.com/g/golang-announce/c/4tU8LZfBFkY
@@ -8399,7 +8399,7 @@ CVE-2023-36126 (There is a Cross Site Scripting (XSS)
vulnerability in the "them
CVE-2023-39325 (A malicious HTTP/2 client which rapidly creates requests and
immediate ...)
- golang-1.21 1.21.3-1
- golang-1.20 1.20.10-1
- - golang-1.19 <unfixed>
+ - golang-1.19 <removed>
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
[bullseye] - golang-1.15 <no-dsa> (Minor issue)
@@ -9448,7 +9448,7 @@ CVE-2023-40556 (Cross-Site Request Forgery (CSRF)
vulnerability in Greg Ross Sch
CVE-2023-39323 (Line directives ("//line") can be used to bypass the
restrictions on " ...)
- golang-1.21 1.21.2-1
- golang-1.20 1.20.9-1
- - golang-1.19 <unfixed>
+ - golang-1.19 <removed>
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
[bullseye] - golang-1.15 <no-dsa> (Minor issue)
@@ -34544,7 +34544,7 @@ CVE-2023-39320 (The go.mod toolchain directive,
introduced in Go 1.21, can be le
CVE-2023-39319 (The html/template package does not apply the proper rules for
handling ...)
- golang-1.21 1.21.1-1
- golang-1.20 1.20.8-1
- - golang-1.19 <unfixed>
+ - golang-1.19 <removed>
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
[bullseye] - golang-1.15 <no-dsa> (Minor issue)
@@ -34557,7 +34557,7 @@ CVE-2023-39319 (The html/template package does not
apply the proper rules for ha
CVE-2023-39318 (The html/template package does not properly handle HTML-like
"" commen ...)
- golang-1.21 1.21.1-1
- golang-1.20 1.20.8-1
- - golang-1.19 <unfixed>
+ - golang-1.19 <removed>
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
[bullseye] - golang-1.15 <no-dsa> (Minor issue)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6689a6b806c7d0c7faadc53c84915402688c96e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a6689a6b806c7d0c7faadc53c84915402688c96e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
