Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
655bf7a4 by Salvatore Bonaccorso at 2025-02-07T09:34:42+01:00
Add CVE-2025-22866/go
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -101,7 +101,16 @@ CVE-2025-22936 (An issue in Smartcom Bulgaria AD Smartcom
Ralink CPE/WiFi router
CVE-2025-22867 (On Darwin, building a Go module which contains CGO can trigger
arbitra ...)
TODO: check
CVE-2025-22866 (Due to the usage of a variable time instruction in the
assembly implem ...)
- TODO: check
+ - golang-1.24 <unfixed>
+ - golang-1.23 <unfixed>
+ - golang-1.22 <unfixed>
+ - golang-1.19 <removed>
+ - golang-1.15 <removed>
+ NOTE: https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k
+ NOTE: https://github.com/golang/go/issues/71383
+ NOTE:
https://github.com/golang/go/commit/6fc23a3cff5e38ff72923fee50f51254dcdc6e93
(go1.24rc3)
+ NOTE:
https://github.com/golang/go/commit/6644ed63b1e6ccc129647ef6b0d4647fdbe14056
(go1.23.6)
+ NOTE:
https://github.com/golang/go/commit/0cc45e7ca668b103c1055ae84402ad3f3425dd56
(go1.22.12)
CVE-2025-1078 (A vulnerability has been found in AppHouseKitchen AlDente
Charge Limit ...)
NOT-FOR-US: AppHouseKitchen AlDente Charge
CVE-2025-1076 (A Stored Cross-Site Scripting (Stored XSS) vulnerability has
been foun ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/655bf7a4837120b9fc115285159e6bdcfe2bf85c
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/655bf7a4837120b9fc115285159e6bdcfe2bf85c
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
