[Git][security-tracker-team/security-tracker][master] add entries for golang 1.11/1.15, can be checked on suite-specific triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Sat Jul 23 22:09:45 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9c76527a by Moritz Muehlenhoff at 2022-07-23T23:08:59+02:00
add entries for golang 1.11/1.15, can be checked on suite-specific triage
no need to scatter TODO items
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -10869,11 +10869,12 @@ CVE-2022-32148
- golang-1.19 1.19~rc1-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://github.com/golang/go/issues/53423
NOTE: https://github.com/golang/go/commit/b2cc0fecc2ccd80e6d5d16542cc684f97b3a9c8a (go1.19rc1)
NOTE: https://github.com/golang/go/commit/ebea1e3353fa766025aa5190b9c7cc05cf069187 (go1.18.4)
NOTE: https://github.com/golang/go/commit/ed2f33e1a7e0d18f61bd56f7ee067331d612c27e (go1.17.12)
- TODO: check details and older versions
CVE-2022-32147
RESERVED
CVE-2022-32146
@@ -10907,11 +10908,12 @@ CVE-2022-1962
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53616
NOTE: https://github.com/golang/go/commit/695be961d57508da5a82217f7415200a11845879 (go1.19rc2)
NOTE: https://github.com/golang/go/commit/0d1615b23f9a558aa0a1957b4c81596220eb8ec4 (go1.18.4)
NOTE: https://github.com/golang/go/commit/ba8788ebcead55e99e631c6a1157ad7b35535d11 (go1.17.12)
- TODO: check details and older versions
CVE-2022-1961 (The Google Tag Manager for WordPress (GTM4WP) plugin is vulnerable to ...)
NOT-FOR-US: WordPress plugin
CVE-2022-1960 (The MyCSS WordPress plugin through 1.1 does not have CSRF check in pla ...)
@@ -15131,11 +15133,12 @@ CVE-2022-30635
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53615
NOTE: https://github.com/golang/go/commit/6fa37e98ea4382bf881428ee0c150ce591500eb7 (go1.19rc2)
NOTE: https://github.com/golang/go/commit/fb979a50823e5a0575cf6166b3f17a13364cbf81 (go1.18.4)
NOTE: https://github.com/golang/go/commit/cd54600b866db0ad068ab8df06c7f5f6cb55c9b3 (go1.17.12)
- TODO: check details and older versions
CVE-2022-30634 (Infinite loop in Read in crypto/rand before Go 1.17.11 and Go 1.18.3 o ...)
- golang-1.18 <not-affected> (Only affects Go on Windows)
- golang-1.17 <not-affected> (Only affects Go on Windows)
@@ -15152,41 +15155,45 @@ CVE-2022-30633
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53611
NOTE: https://github.com/golang/go/commit/c4c1993fd2a5b26fe45c09592af6d3388a3b2e08 (go1.19rc2)
NOTE: https://github.com/golang/go/commit/2924ced71d16297320e8ff18829c2038e6ad8d9b (go1.18.4)
NOTE: https://github.com/golang/go/commit/2678d0c957193dceef336c969a9da74dd716a827 (go1.17.12)
- TODO: check details and older versions
CVE-2022-30632
RESERVED
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53416
NOTE: https://github.com/golang/go/commit/ac68c6c683409f98250d34ad282b9e1b0c9095ef (go1.19rc2)
NOTE: https://github.com/golang/go/commit/5ebd862b1714dad1544bd10a24c47cdb53ad7f46 (go1.18.4)
NOTE: https://github.com/golang/go/commit/76f8b7304d1f7c25834e2a0cc9e88c55276c47df (go1.17.12)
- TODO: check details and older versions
CVE-2022-30631
RESERVED
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53168
NOTE: https://github.com/golang/go/commit/b2b8872c876201eac2d0707276c6999ff3eb185e (go1.19rc2)
NOTE: https://github.com/golang/go/commit/8e27a8ac4c001c27713810b75925aa3794049c48 (go1.18.4)
NOTE: https://github.com/golang/go/commit/0117dee7dccbbd7803d88f65a2ce8bd686219ad3 (go1.17.12)
- TODO: check details and older versions
CVE-2022-30630
RESERVED
- golang-1.19 1.19~rc2-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53415
NOTE: https://github.com/golang/go/commit/fa2d41d0ca736f3ad6b200b2a4e134364e9acc59 (go1.19rc2)
NOTE: https://github.com/golang/go/commit/315e80d293b684ac2902819e58f618f1b5a14d49 (go1.18.4)
NOTE: https://github.com/golang/go/commit/8c1d8c836270615cfb5b229932269048ef59ac07 (go1.17.12)
- TODO: check details and older versions
CVE-2022-30629
RESERVED
- golang-1.18 1.18.3-1
@@ -15238,11 +15245,12 @@ CVE-2022-1705
- golang-1.19 1.19~rc1-1
- golang-1.18 1.18.4-1
- golang-1.17 <unfixed>
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
NOTE: https://go.dev/issue/53188
NOTE: https://github.com/golang/go/commit/e5017a93fcde94f09836200bca55324af037ee5f (go1.19rc1)
NOTE: https://github.com/golang/go/commit/222ee24a0046ae61679f4d97967e3b4058a3b90e (go1.18.4)
NOTE: https://github.com/golang/go/commit/d13431c37ab62f9755f705731536ff74e7165b08 (go1.17.12)
- TODO: check details and older versions
CVE-2022-1704
RESERVED
CVE-2022-1703 (Improper neutralization of special elements in the SonicWall SSL-VPN S ...)
@@ -22770,7 +22778,8 @@ CVE-2022-28132
CVE-2022-28131
RESERVED
- golang-1.18 1.18.4-1
- TODO: check details and older versions
+ - golang-1.15 <removed>
+ - golang-1.11 <removed>
CVE-2022-28130
RESERVED
CVE-2022-28129
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c76527a5fd8fe1caf4d29eaadfec24d09001f3e
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c76527a5fd8fe1caf4d29eaadfec24d09001f3e
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220723/33b5d389/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list