Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: c3478a0d by Salvatore Bonaccorso at 2024-03-06T08:08:57+01:00 Add VE-2024-24785/go - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,12 @@ +CVE-2024-24785 [html/template: errors returned from MarshalJSON methods may break template escaping] + - golang-1.22 <unfixed> + - golang-1.21 <unfixed> + - golang-1.19 <removed> + - golang-1.15 <removed> + - golang-1.11 <removed> + NOTE: https://github.com/golang/go/issues/65697 + NOTE: https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1) + NOTE: https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8) CVE-2024-24784 [net/mail: comments in display names are incorrectly handled] - golang-1.22 <unfixed> - golang-1.21 <unfixed> View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3478a0d4fed733d8edf772c17c42eaba749dbf9 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c3478a0d4fed733d8edf772c17c42eaba749dbf9 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
