[Git][security-tracker-team/security-tracker][master] CVE-2020-29652 not affected in buster
Shengjing Zhu
zhsj at debian.org
Sat Jan 30 18:49:17 GMT 2021
Shengjing Zhu pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d679f1b4 by Shengjing Zhu at 2021-01-31T02:48:51+08:00
CVE-2020-29652 not affected in buster
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -17504,10 +17504,12 @@ CVE-2020-29653
RESERVED
CVE-2020-29652 (A nil pointer dereference in the golang.org/x/crypto/ssh component thr ...)
- golang-go.crypto 1:0.0~git20201221.eec23a3-1
+ [buster] - golang-go.crypto <not-affected> (Vulnerable code not present)
[stretch] - golang-go.crypto <not-affected> (Vulnerable code not present)
- kubernetes <unfixed>
NOTE: https://go-review.googlesource.com/c/crypto/+/278852
NOTE: https://groups.google.com/g/golang-announce/c/ouZIlBimOsE?pli=1
+ NOTE: Introduced in: https://github.com/golang/crypto/commit/cbcb750295291b33242907a04be40e80801d0cfc (2019-05-10)
NOTE: k8s vendors a copy
CVE-2021-1985
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d679f1b4969e260ada885ade2e4005c6aad70366
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d679f1b4969e260ada885ade2e4005c6aad70366
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210130/da1359e9/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list