[Git][security-tracker-team/security-tracker][master] CVE-2018-1687{3,4,5}/golang-1.10 fixed in unstable

Salvatore Bonaccorso carnil at debian.org
Sat Dec 15 07:13:23 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
894d8cf3 by Salvatore Bonaccorso at 2018-12-15T07:11:53Z
CVE-2018-1687{3,4,5}/golang-1.10 fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14788,21 +14788,21 @@ CVE-2018-16876 [Information disclosure in vvv+ mode with no_log on]
 	NOTE: https://github.com/ansible/ansible/commit/4c6d714aefb05366cb329e139214c89ebb364899
 CVE-2018-16875 (The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 ...)
 	- golang-1.11 <unfixed>
-	- golang-1.10 <unfixed>
+	- golang-1.10 1.10.6-1
 	NOTE: https://github.com/golang/go/issues/29233
 	NOTE: https://github.com/golang/go/commit/df523969435b8945d939c7e2a849b50910ef4c25 (1.11.3)
 	NOTE: https://github.com/golang/go/commit/0a4a37f1f0a36e55d8ae5c34210a79499f9f2a9d (1.10.6)
 	TODO: check other versions
 CVE-2018-16874 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...)
 	- golang-1.11 <unfixed>
-	- golang-1.10 <unfixed>
+	- golang-1.10 1.10.6-1
 	NOTE: https://github.com/golang/go/issues/29231
 	NOTE: https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f (1.11.3)
 	NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6)
 	TODO: check other versions
 CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...)
 	- golang-1.11 <unfixed>
-	- golang-1.10 <unfixed>
+	- golang-1.10 1.10.6-1
 	NOTE: https://github.com/golang/go/issues/29230
 	NOTE: https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f (1.11.3)
 	NOTE: https://github.com/golang/go/commit/5aedc8af94c0a8ffc58cbd09993192dea9b238db (1.11.3)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/894d8cf3571a130b3f89869da74a054ab8c83166

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/894d8cf3571a130b3f89869da74a054ab8c83166
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181215/9757f622/attachment.html>

More information about the debian-security-tracker-commits mailing list