[Git][security-tracker-team/security-tracker][master] 2 commits: Mark two golang-1.15 issues as no-dsa

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Dec 4 14:17:26 GMT 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9809a9c1 by Salvatore Bonaccorso at 2021-12-04T15:16:34+01:00
Mark two golang-1.15 issues as no-dsa

- - - - -
3ea7d30b by Salvatore Bonaccorso at 2021-12-04T15:16:55+01:00
Track proposed golang-1.15 updates via bullseye-pu

- - - - -


2 changed files:

- data/CVE/list
- data/next-point-update.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -10039,6 +10039,7 @@ CVE-2021-41771 (ImportedSymbols in debug/macho (for Open or OpenFat) in Go befor
 	- golang-1.17 1.17.3-1
 	- golang-1.16 1.16.10-1
 	- golang-1.15 <unfixed>
+	[bullseye] - golang-1.15 <no-dsa> (Minor issue; will be fixed via point release)
 	- golang-1.11 <removed>
 	- golang-1.8 <removed>
 	- golang-1.7 <removed>
@@ -18352,6 +18353,7 @@ CVE-2021-38297 (Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow
 	- golang-1.17 1.17.2-1
 	- golang-1.16 1.16.9-1
 	- golang-1.15 <unfixed>
+	[bullseye] - golang-1.15 <no-dsa> (Minor issue; will be fixed via point release)
 	- golang-1.11 <removed>
 	[buster] - golang-1.11 <no-dsa> (Minor issue)
 	- golang-1.8 <not-affected> (Vulnerable code not present)


=====================================
data/next-point-update.txt
=====================================
@@ -44,3 +44,7 @@ CVE-2021-37146
 	[bullseye] - ros-ros-comm 1.15.9+ds1-7+deb11u1
 CVE-2021-44225
 	[bullseye] - keepalived 1:2.1.5-0.2+deb11u1
+CVE-2021-38297
+	[bullseye] - golang-1.15 1.15.15-1~deb11u2
+CVE-2021-41771
+	[bullseye] - golang-1.15 1.15.15-1~deb11u2



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9b40d3db8363064beda1a36e3c2bfdc40d111382...3ea7d30b19f9891b1b82172387846bcbe8a07267

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/9b40d3db8363064beda1a36e3c2bfdc40d111382...3ea7d30b19f9891b1b82172387846bcbe8a07267
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211204/2ef97548/attachment.htm>

More information about the debian-security-tracker-commits mailing list