[Git][security-tracker-team/security-tracker][master] CVE-2018-1687{3,4,5}/golang-1.11 fixed in unstable

Salvatore Bonaccorso carnil at debian.org
Sat Dec 15 07:15:14 GMT 2018 

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d62294b1 by Salvatore Bonaccorso at 2018-12-15T07:13:54Z
CVE-2018-1687{3,4,5}/golang-1.11 fixed in unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -14787,21 +14787,21 @@ CVE-2018-16876 [Information disclosure in vvv+ mode with no_log on]
 	NOTE: https://github.com/ansible/ansible/pull/49569
 	NOTE: https://github.com/ansible/ansible/commit/4c6d714aefb05366cb329e139214c89ebb364899
 CVE-2018-16875 (The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 ...)
-	- golang-1.11 <unfixed>
+	- golang-1.11 1.11.3-1
 	- golang-1.10 1.10.6-1
 	NOTE: https://github.com/golang/go/issues/29233
 	NOTE: https://github.com/golang/go/commit/df523969435b8945d939c7e2a849b50910ef4c25 (1.11.3)
 	NOTE: https://github.com/golang/go/commit/0a4a37f1f0a36e55d8ae5c34210a79499f9f2a9d (1.10.6)
 	TODO: check other versions
 CVE-2018-16874 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...)
-	- golang-1.11 <unfixed>
+	- golang-1.11 1.11.3-1
 	- golang-1.10 1.10.6-1
 	NOTE: https://github.com/golang/go/issues/29231
 	NOTE: https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f (1.11.3)
 	NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6)
 	TODO: check other versions
 CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...)
-	- golang-1.11 <unfixed>
+	- golang-1.11 1.11.3-1
 	- golang-1.10 1.10.6-1
 	NOTE: https://github.com/golang/go/issues/29230
 	NOTE: https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f (1.11.3)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d62294b1e02e0fbe2214ec648f17195ee64f9a72

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/d62294b1e02e0fbe2214ec648f17195ee64f9a72
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20181215/3614ddfc/attachment.html>

More information about the debian-security-tracker-commits mailing list