[Git][security-tracker-team/security-tracker][master] golang-1.17 fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Aug 10 10:03:31 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
934beb79 by Moritz Muehlenhoff at 2022-08-10T11:03:07+02:00
golang-1.17 fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -14960,7 +14960,7 @@ CVE-2022-32190
CVE-2022-32189 (A too-short encoded message can cause a panic in Float.GobDecode and R ...)
- golang-1.19 1.19-1
- golang-1.18 1.18.5-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53871
@@ -15055,7 +15055,7 @@ CVE-2022-32149
CVE-2022-32148 (Improper exposure of client IP addresses in net/http before Go 1.17.12 ...)
- golang-1.19 1.19~rc1-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://github.com/golang/go/issues/53423
@@ -15093,7 +15093,7 @@ CVE-2022-29519 (Cleartext transmission of sensitive information vulnerability ex
CVE-2022-1962 (Uncontrolled recursion in the Parse functions in go/parser before Go 1 ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53616
@@ -19383,7 +19383,7 @@ CVE-2022-30636
CVE-2022-30635 (Uncontrolled recursion in Decoder.Decode in encoding/gob before Go 1.1 ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53615
@@ -19404,7 +19404,7 @@ CVE-2022-30634 (Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.
CVE-2022-30633 (Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.17.12 ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53611
@@ -19414,7 +19414,7 @@ CVE-2022-30633 (Uncontrolled recursion in Unmarshal in encoding/xml before Go 1.
CVE-2022-30632 (Uncontrolled recursion in Glob in path/filepath before Go 1.17.12 and ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53416
@@ -19424,7 +19424,7 @@ CVE-2022-30632 (Uncontrolled recursion in Glob in path/filepath before Go 1.17.1
CVE-2022-30631 (Uncontrolled recursion in Reader.Read in compress/gzip before Go 1.17. ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53168
@@ -19434,7 +19434,7 @@ CVE-2022-30631 (Uncontrolled recursion in Reader.Read in compress/gzip before Go
CVE-2022-30630 (Uncontrolled recursion in Glob in io/fs before Go 1.17.12 and Go 1.18. ...)
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53415
@@ -19489,7 +19489,7 @@ CVE-2022-26834 (Improper access control vulnerability in Rakuten Casa version AP
CVE-2022-1705 (Acceptance of some invalid Transfer-Encoding headers in the HTTP/1 cli ...)
- golang-1.19 1.19~rc1-1
- golang-1.18 1.18.4-1
- - golang-1.17 <unfixed>
+ - golang-1.17 1.17.13-1
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://go.dev/issue/53188
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/934beb799c5059b1ea91f8c1ca235f09da8e666e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/934beb799c5059b1ea91f8c1ca235f09da8e666e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220810/44c0fc96/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list