[Git][security-tracker-team/security-tracker][master] Reserve DLA-2891-1 for golang-1.8

Sylvain Beucler (@beuc) beuc at debian.org
Fri Jan 21 20:58:52 GMT 2022 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
949dcd3e by Sylvain Beucler at 2022-01-21T21:58:34+01:00
Reserve DLA-2891-1 for golang-1.8

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -41270,7 +41270,6 @@ CVE-2021-33196 (In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a
 	- golang-1.11 <removed>
 	[buster] - golang-1.11 <no-dsa> (Minor issue)
 	- golang-1.8 <removed>
-	[stretch] - golang-1.8 <postponed> (Minor issue, OOM, requires rebuilding reverse-dependencies)
 	- golang-1.7 <removed>
 	[stretch] - golang-1.7 <postponed> (Minor issue, OOM, requires rebuilding reverse-dependencies)
 	NOTE: https://github.com/golang/go/issues/46242


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[21 Jan 2022] DLA-2891-1 golang-1.8 - security update
+	{CVE-2021-33196 CVE-2021-36221 CVE-2021-39293 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717}
+	[stretch] - golang-1.8 1.8.1-1+deb9u4
 [21 Jan 2022] DLA-2890-1 libspf2 - security update
 	{CVE-2021-33912 CVE-2021-33913}
 	[stretch] - libspf2 1.2.10-7+deb9u2


=====================================
data/dla-needed.txt
=====================================
@@ -53,9 +53,6 @@ gif2apng
 golang-1.7 (Sylvain Beucler)
   NOTE: 20220114: harmonize with bullseye-11.2 (CVE-2021-36221 CVE-2021-39293 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717) (Beuc)
 --
-golang-1.8 (Sylvain Beucler)
-  NOTE: 20220114: harmonize with bullseye-11.2 (CVE-2021-36221 CVE-2021-39293 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717) (Beuc)
---
 gpac (Roberto C. Sánchez)
   NOTE: 20211101: coordinating with secteam for s-p-u since stretch/buster versions match (roberto)
   NOTE: 20211120: received OK from secteam for buster update, working on stretch/buster in parallel (roberto)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/949dcd3e10dea7e0f94ac055a82c2ab7438dc2ee

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/949dcd3e10dea7e0f94ac055a82c2ab7438dc2ee
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220121/09f3d562/attachment.htm>

More information about the debian-security-tracker-commits mailing list