[Secure-testing-commits] r56413 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Oct 4 20:14:43 UTC 2017
Author: carnil
Date: 2017-10-04 20:14:43 +0000 (Wed, 04 Oct 2017)
New Revision: 56413
Modified:
data/CVE/list
Log:
Add CVE-2017-1000097/golang
The source is present, so technically <unfixed> (unimportant) would have
been more correct. But since the issue is specific to Darwin/OS X, we
can mark it as not-affected.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-04 19:33:41 UTC (rev 56412)
+++ data/CVE/list 2017-10-04 20:14:43 UTC (rev 56413)
@@ -106,7 +106,11 @@
CVE-2017-1000098 (The net/http package's Request.ParseMultipartForm method starts ...)
TODO: check
CVE-2017-1000097 (On Darwin, user's trust preferences for root certificates were not ...)
- TODO: check
+ - golang <not-affected> (OS X specific issue)
+ - golang-1.7 <not-affected> (OS X specific issue)
+ - golang-1.8 <not-affected> (OS X specific issue)
+ - golang-1.9 <not-affected> (OS X specific issue)
+ NOTE: https://github.com/golang/go/issues/18141
CVE-2017-15011 (The named pipes in qtsingleapp in Qt 5.x, as used in qBittorrent and ...)
TODO: check, can't make much sense of it, probably limited to Win32
CVE-2017-15010 (A ReDoS (regular expression denial of service) flaw was found in the ...)
More information about the Secure-testing-commits
mailing list