[Secure-testing-commits] r56414 - data/CVE
Salvatore Bonaccorso
carnil at moszumanska.debian.org
Wed Oct 4 20:34:48 UTC 2017
Author: carnil
Date: 2017-10-04 20:34:48 +0000 (Wed, 04 Oct 2017)
New Revision: 56414
Modified:
data/CVE/list
Log:
Add CVE-2017-1000098/golang*
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-04 20:14:43 UTC (rev 56413)
+++ data/CVE/list 2017-10-04 20:34:48 UTC (rev 56414)
@@ -104,7 +104,13 @@
CVE-2017-1000102 (The Details view of some Static Analysis Utilities based plugins, was ...)
NOT-FOR-US: Jenkins plugin
CVE-2017-1000098 (The net/http package's Request.ParseMultipartForm method starts ...)
- TODO: check
+ - golang-1.9 <not-affected> (Fixed before initial release to Debian)
+ - golang-1.8 <not-affected> (Fixed before initial release to Debian)
+ - golang-1.7 1.7.4-1
+ - golang <removed>
+ NOTE: https://groups.google.com/forum/#!msg/golang-dev/4NdLzS8sls8/uIz8QlnIBQAJ
+ NOTE: https://golang.org/cl/30410
+ NOTE: https://golang.org/issue/17965
CVE-2017-1000097 (On Darwin, user's trust preferences for root certificates were not ...)
- golang <not-affected> (OS X specific issue)
- golang-1.7 <not-affected> (OS X specific issue)
More information about the Secure-testing-commits
mailing list