[Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.18 CVE-2022-23806 CVE-2022-23773 via unstable

[Shengjing Zhu (@zhsj)]

Shengjing Zhu pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f7b850d8 by Shengjing Zhu at 2022-02-18T01:48:47+08:00
Track fixed version for golang-1.18 CVE-2022-23806 CVE-2022-23773 via unstable

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4819,7 +4819,7 @@ CVE-2022-23807 (An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 b
 	NOTE: https://salsa.debian.org/phpmyadmin-team/phpmyadmin/-/issues/3 (missing 2FA packages)
 	NOTE: 2FA support is not packaged in Debian
 CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x bef ...)
-	- golang-1.18 <unfixed>
+	- golang-1.18 1.18~rc1-1
 	- golang-1.17 1.17.7-1
 	- golang-1.15 <removed>
 	[bullseye] - golang-1.15 <no-dsa> (Minor issue)
@@ -4937,7 +4937,7 @@ CVE-2022-23775
 CVE-2022-23774 (Docker Desktop before 4.4.4 on Windows allows attackers to move arbitr ...)
 	NOT-FOR-US: Docker Desktop
 CVE-2022-23773 (cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret  ...)
-	- golang-1.18 <unfixed>
+	- golang-1.18 1.18~rc1-1
 	- golang-1.17 1.17.7-1
 	- golang-1.15 <removed>
 	[bullseye] - golang-1.15 <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7b850d8d62ef388c8d1da4148174d1e1d5106c0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7b850d8d62ef388c8d1da4148174d1e1d5106c0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220217/44705152/attachment.htm>