Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
9c76527a by Moritz Muehlenhoff at 2022-07-23T23:08:59+02:00
add entries for golang 1.11/1.15, can be checked on suite-specific triage
no need to scatter TODO items
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10869,11 +10869,12 @@ CVE-2022-32148
- golang-1.19 1.19~rc1-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://github.com/golang/go/issues/53423
NOTE:
https://github.com/golang/go/commit/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a
(go1.19rc1)
NOTE:
https://github.com/golang/go/commit/ebea1e3353fa766025aa5190b9c7cc05cf069187
(go1.18.4)
NOTE:
https://github.com/golang/go/commit/ed2f33e1a7e0d18f61bd56f7ee067331d612c27e
(go1.17.12)
- TODO: check details and older versions
CVE-2022-32147
RESERVED
CVE-2022-32146
@@ -10907,11 +10908,12 @@ CVE-2022-1962
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53616
NOTE:
https://github.com/golang/go/commit/695be961d57508da5a82217f7415200a11845879
(go1.19rc2)
NOTE:
https://github.com/golang/go/commit/0d1615b23f9a558aa0a1957b4c81596220eb8ec4
(go1.18.4)
NOTE:
https://github.com/golang/go/commit/ba8788ebcead55e99e631c6a1157ad7b35535d11
(go1.17.12)
- TODO: check details and older versions
CVE-2022-1961 (The Google Tag Manager for WordPress (GTM4WP) plugin is
vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1960 (The MyCSS WordPress plugin through 1.1 does not have CSRF check
in pla ...)
@@ -15131,11 +15133,12 @@ CVE-2022-30635
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53615
NOTE:
https://github.com/golang/go/commit/6fa37e98ea4382bf881428ee0c150ce591500eb7
(go1.19rc2)
NOTE:
https://github.com/golang/go/commit/fb979a50823e5a0575cf6166b3f17a13364cbf81
(go1.18.4)
NOTE:
https://github.com/golang/go/commit/cd54600b866db0ad068ab8df06c7f5f6cb55c9b3
(go1.17.12)
- TODO: check details and older versions
CVE-2022-30634 (Infinite loop in Read in crypto/rand before Go 1.17.11 and Go
1.18.3 o ...)
- golang-1.18 <not-affected> (Only affects Go on Windows)
- golang-1.17 <not-affected> (Only affects Go on Windows)
@@ -15152,41 +15155,45 @@ CVE-2022-30633
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53611
NOTE:
https://github.com/golang/go/commit/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08
(go1.19rc2)
NOTE:
https://github.com/golang/go/commit/2924ced71d16297320e8ff18829c2038e6ad8d9b
(go1.18.4)
NOTE:
https://github.com/golang/go/commit/2678d0c957193dceef336c969a9da74dd716a827
(go1.17.12)
- TODO: check details and older versions
CVE-2022-30632
RESERVED
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53416
NOTE:
https://github.com/golang/go/commit/ac68c6c683409f98250d34ad282b9e1b0c9095ef
(go1.19rc2)
NOTE:
https://github.com/golang/go/commit/5ebd862b1714dad1544bd10a24c47cdb53ad7f46
(go1.18.4)
NOTE:
https://github.com/golang/go/commit/76f8b7304d1f7c25834e2a0cc9e88c55276c47df
(go1.17.12)
- TODO: check details and older versions
CVE-2022-30631
RESERVED
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53168
NOTE:
https://github.com/golang/go/commit/b2b8872c876201eac2d0707276c6999ff3eb185e
(go1.19rc2)
NOTE:
https://github.com/golang/go/commit/8e27a8ac4c001c27713810b75925aa3794049c48
(go1.18.4)
NOTE:
https://github.com/golang/go/commit/0117dee7dccbbd7803d88f65a2ce8bd686219ad3
(go1.17.12)
- TODO: check details and older versions
CVE-2022-30630
RESERVED
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53415
NOTE:
https://github.com/golang/go/commit/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59
(go1.19rc2)
NOTE:
https://github.com/golang/go/commit/315e80d293b684ac2902819e58f618f1b5a14d49
(go1.18.4)
NOTE:
https://github.com/golang/go/commit/8c1d8c836270615cfb5b229932269048ef59ac07
(go1.17.12)
- TODO: check details and older versions
CVE-2022-30629
RESERVED
- golang-1.18 1.18.3-1
@@ -15238,11 +15245,12 @@ CVE-2022-1705
- golang-1.19 1.19~rc1-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53188
NOTE:
https://github.com/golang/go/commit/e5017a93fcde94f09836200bca55324af037ee5f
(go1.19rc1)
NOTE:
https://github.com/golang/go/commit/222ee24a0046ae61679f4d97967e3b4058a3b90e
(go1.18.4)
NOTE:
https://github.com/golang/go/commit/d13431c37ab62f9755f705731536ff74e7165b08
(go1.17.12)
- TODO: check details and older versions
CVE-2022-1704
RESERVED
CVE-2022-1703 (Improper neutralization of special elements in the SonicWall
SSL-VPN S ...)
@@ -22770,7 +22778,8 @@ CVE-2022-28132
CVE-2022-28131
RESERVED
- golang-1.18 1.18.4-1
- TODO: check details and older versions
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
CVE-2022-28130
RESERVED
CVE-2022-28129
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c76527a5fd8fe1caf4d29eaadfec24d09001f3e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c76527a5fd8fe1caf4d29eaadfec24d09001f3e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
