Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
eac88af4 by Salvatore Bonaccorso at 2025-01-17T06:32:34+01:00
Update information on two Go issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,9 +1,21 @@
CVE-2024-45341
- golang-1.23 1.23.5-1
- golang-1.22 1.22.11-1
+ - golang-1.19 <removed>
+ - golang-1.15 <removed>
+ NOTE: https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI
+ NOTE: https://go.dev/issue/71156
+ NOTE: Fixed by:
https://github.com/golang/go/commit/fdb8413fe588ec6dc31f1deaf43eb7202a76bb79
(go1.23.5)
+ NOTE: Fixed by:
https://github.com/golang/go/commit/19d21034157ba69d0f54318a9867d9b08730efcb
(go1.22.11)
CVE-2024-45336
- golang-1.23 1.23.5-1
- golang-1.22 1.22.11-1
+ - golang-1.19 <removed>
+ - golang-1.15 <removed>
+ NOTE: https://groups.google.com/g/golang-announce/c/sSaUhLA-2SI
+ NOTE: https://go.dev/issue/70530
+ NOTE: Fixed by:
https://github.com/golang/go/commit/bb8230f80535945648e8b56739ad450cf433eba9
(go1.23.5)
+ NOTE: Fixed by:
https://github.com/golang/go/commit/b72d56f98d6620ebe07626dca4bb67ea8e185379
(go1.22.11)
CVE-2025-23783 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
NOT-FOR-US: WordPress plugin
CVE-2025-23767 (Improper Neutralization of Input During Web Page Generation
('Cross-si ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eac88af4c01f0f3ab13a85dbd6923298a8ad8471
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/eac88af4c01f0f3ab13a85dbd6923298a8ad8471
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
