Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f90d62ef by Salvatore Bonaccorso at 2023-12-05T22:24:59+01:00
Update status for CVE-2023-45283/go
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -4498,6 +4498,10 @@ CVE-2023-45283 (The filepath package does not recognize
paths with a \??\ prefix
NOTE: https://github.com/golang/go/issues/63713
NOTE:
https://github.com/golang/go/commit/9e933c189ca3a84f12995b3c799364a06abc4376
(go1.21.4)
NOTE:
https://github.com/golang/go/commit/46fb78168596f7ce8834f528bb0eb9555c08bcae
(go1.20.11)
+ NOTE: Requires a followup:
https://www.openwall.com/lists/oss-security/2023/12/05/2
+ NOTE: https://go.dev/issue/64028
+ NOTE:
https://github.com/golang/go/commit/8caf4bb3e78d0bc2d5598645b89ed8f0e9bd68f2
(go1.21.5)
+ NOTE:
https://github.com/golang/go/commit/1b59b017db1ac4a63ed08173c00d7f08d47530be
(go1.20.12)
NOTE: No security impact for Debian packages, only affects code running
on Windows
CVE-2023-5998 (Out-of-bounds Read in GitHub repository gpac/gpac prior to
2.3.0-DEV.)
- gpac <unfixed> (bug #1056282)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f90d62ef6c10f2b6d238a9c172c8e8595c33fd8e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f90d62ef6c10f2b6d238a9c172c8e8595c33fd8e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
