[Git][security-tracker-team/security-tracker][master] 2 commits: Reference upstream issue for CVE-2021-34558

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
666dcb97 by Salvatore Bonaccorso at 2021-07-13T10:28:27+02:00
Reference upstream issue for CVE-2021-34558

- - - - -
cf15341b by Salvatore Bonaccorso at 2021-07-13T10:29:03+02:00
CVE-2021-34558: Add golang-1.15 tracking and TODO for older branches

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4803,8 +4803,11 @@ CVE-2021-3592 (An invalid pointer initialization issue was found in the SLiRP ne
 CVE-2021-34558
 	RESERVED
 	- golang-1.16 1.16.6-1
+	- golang-1.15 <unfixed>
+	NOTE: https://github.com/golang/go/issues/47143
 	NOTE: https://github.com/golang/go/commit/58bc454a11d4b3dbc03f44dfcabb9068a9c076f4 (1.16.x)
 	NOTE: key_agreement.go also bundled in various other packages
+	TODO: check older golang branches
 CVE-2021-34556
 	RESERVED
 CVE-2021-34555 (OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/63ad6f9918ee0a0b50af67b61cbe81e7aab25825...cf15341be4c0ec025069c5882b6d1477ceb6e761

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/63ad6f9918ee0a0b50af67b61cbe81e7aab25825...cf15341be4c0ec025069c5882b6d1477ceb6e761
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210713/1e4be9c8/attachment.htm>