[Git][security-tracker-team/security-tracker][master] Add CVE-2020-2836{2,6,7}/golang*

Salvatore Bonaccorso carnil at debian.org
Sat Nov 14 18:51:38 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6883236c by Salvatore Bonaccorso at 2020-11-14T19:51:09+01:00
Add CVE-2020-2836{2,6,7}/golang*

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1708,8 +1708,20 @@ CVE-2020-28368 (Xen through 4.14.x allows guest OS administrators to obtain sens
 	NOTE: https://xenbits.xen.org/xsa/advisory-351.html
 CVE-2020-28367
 	RESERVED
+	- golang-1.15 1.15.5-1
+	- golang-1.11 <removed>
+	- golang-1.8 <removed>
+	- golang-1.7 <removed>
+	NOTE: https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM/m/fLguyiM2CAAJ
+	NOTE: https://github.com/golang/go/issues/42556
 CVE-2020-28366
 	RESERVED
+	- golang-1.15 1.15.5-1
+	- golang-1.11 <removed>
+	- golang-1.8 <removed>
+	- golang-1.7 <removed>
+	NOTE: https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM/m/fLguyiM2CAAJ
+	NOTE: https://github.com/golang/go/issues/42559
 CVE-2020-28365
 	RESERVED
 CVE-2020-28364 (A stored cross-site scripting (XSS) vulnerability affects the Web UI i ...)
@@ -1718,6 +1730,12 @@ CVE-2020-28363
 	RESERVED
 CVE-2020-28362
 	RESERVED
+	- golang-1.15 1.15.5-1
+	- golang-1.11 <removed>
+	- golang-1.8 <removed>
+	- golang-1.7 <removed>
+	NOTE: https://groups.google.com/g/golang-announce/c/NpBGTTmKzpM/m/fLguyiM2CAAJ
+	NOTE: https://github.com/golang/go/issues/42552
 CVE-2020-XXXX [slab-out-of-bounds Read in fbcon]
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/3c4e0dff2095c579b142d5a0693257f1c58b4804



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6883236c76b8d84ec5b8cbb7c014ecfdc2ec9d91

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6883236c76b8d84ec5b8cbb7c014ecfdc2ec9d91
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201114/114045a5/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list