[Git][security-tracker-team/security-tracker][master] Add CVE-2021-3319{5,7,8}/golang

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 5 12:50:02 BST 2021 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
242ba3eb by Salvatore Bonaccorso at 2021-06-05T13:49:31+02:00
Add CVE-2021-3319{5,7,8}/golang

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1527,8 +1527,24 @@ CVE-2021-33199
 	RESERVED
 CVE-2021-33198
 	RESERVED
+	- golang-1.16 <unfixed>
+	- golang-1.15 <unfixed>
+	- golang-1.11 <removed>
+	- golang-1.8 <removed>
+	- golang-1.7 <removed>
+	NOTE: https://github.com/golang/go/issues/44910
+	NOTE: https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI
+	TODO: check completeness/correctness of the tracking
 CVE-2021-33197
 	RESERVED
+	- golang-1.16 <unfixed>
+	- golang-1.15 <unfixed>
+	- golang-1.11 <removed>
+	- golang-1.8 <removed>
+	- golang-1.7 <removed>
+	NOTE: https://github.com/golang/go/issues/46313
+	NOTE: https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI
+	TODO: check completeness/correctness of the tracking
 CVE-2021-33196 [archive/zip: malformed archive may cause panic or memory exhaustion]
 	RESERVED
 	- golang-1.16 <unfixed> (bug #989492)
@@ -1542,6 +1558,14 @@ CVE-2021-33196 [archive/zip: malformed archive may cause panic or memory exhaust
 	TODO: check completeness/correctness of the tracking
 CVE-2021-33195
 	RESERVED
+	- golang-1.16 <unfixed>
+	- golang-1.15 <unfixed>
+	- golang-1.11 <removed>
+	- golang-1.8 <removed>
+	- golang-1.7 <removed>
+	NOTE: https://github.com/golang/go/issues/46241
+	NOTE: https://groups.google.com/g/golang-announce/c/RgCMkAEQjSI
+	TODO: check completeness/correctness of the tracking
 CVE-2021-33194 (Go through 1.15.12 and 1.16.x through 1.16.4 has a golang.org/x/net/ht ...)
 	- golang-golang-x-net 1:0.0+git20210119.5f4716e+dfsg-4
 	- golang-golang-x-net-dev <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/242ba3ebc1c7de3903093170272860d828120cb0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/242ba3ebc1c7de3903093170272860d828120cb0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210605/061b6bd6/attachment.htm>

More information about the debian-security-tracker-commits mailing list