Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
15d13bdf by Salvatore Bonaccorso at 2026-02-06T22:50:14+01:00
Add Debian bug references for golang-golang-x-net issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -394,12 +394,12 @@ CVE-2025-68721 (Axigen Mail Server before 10.5.57
contains an improper access co
CVE-2025-68643 (Axigen Mail Server before 10.5.57 allows stored Cross-Site
Scripting ( ...)
NOT-FOR-US: Axigen Mail Server
CVE-2025-58190 (The html.Parse function in golang.org/x/net/html has an
infinite parsi ...)
- - golang-golang-x-net <unfixed>
+ - golang-golang-x-net <unfixed> (bug #1127320)
NOTE: https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c
NOTE: https://github.com/golang/go/issues/70179
NOTE: Fixed by:
https://github.com/golang/net/commit/6ec8895aa5f6594da7356da7d341b98133629009
(v0.45.0)
CVE-2025-47911 (The html.Parse function in golang.org/x/net/html has quadratic
parsing ...)
- - golang-golang-x-net <unfixed>
+ - golang-golang-x-net <unfixed> (bug #1127321)
NOTE: https://groups.google.com/g/golang-announce/c/jnQcOYpiR2c
NOTE: https://github.com/golang/go/issues/75682
NOTE: Fixed by:
https://github.com/golang/net/commit/59706cdaa8f95502fdec64b67b4c61d6ca58727d
(v0.45.0)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/15d13bdfb2b317e7cc3c619779bfbaea0b364c28
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/15d13bdfb2b317e7cc3c619779bfbaea0b364c28
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
