[Git][security-tracker-team/security-tracker][master] CVE-2022-2879,CVE-2022-2880,CVE-2022-41715/golang-1.11: buster postponed

Sylvain Beucler (@beuc) beuc at debian.org
Fri Nov 4 08:23:53 GMT 2022 


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
461da654 by Sylvain Beucler at 2022-11-04T09:23:32+01:00
CVE-2022-2879,CVE-2022-2880,CVE-2022-41715/golang-1.11: buster postponed

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10414,6 +10414,7 @@ CVE-2022-41715 (Programs which compile regular expressions from untrusted source
 	- golang-1.17 <unfixed>
 	- golang-1.15 <removed>
 	- golang-1.11 <removed>
+	[buster] - golang-1.11 <postponed> (Limited support, follow bullseye DSAs/point-releases)
 	NOTE: https://go.dev/issue/55949
 	NOTE: https://github.com/golang/go/commit/645abfe529dc325e16daa17210640c2907d1c17a (go1.19.2)
 	NOTE: https://github.com/golang/go/commit/e9017c2416ad0ef642f5e0c2eab2dbf3cba4d997 (go1.18.7)
@@ -18950,6 +18951,7 @@ CVE-2022-2880 (Requests forwarded by ReverseProxy include the raw query paramete
 	- golang-1.17 <unfixed>
 	- golang-1.15 <removed>
 	- golang-1.11 <removed>
+	[buster] - golang-1.11 <postponed> (Limited support, follow bullseye DSAs/point-releases)
 	NOTE: https://go.dev/issue/54663
 	NOTE: https://github.com/golang/go/commit/f6d844510d5f1e3b3098eba255d9b633d45eac3b (go1.19.2)
 	NOTE: https://github.com/golang/go/commit/9d2c73a9fd69e45876509bb3bdb2af99bf77da1e (go1.18.7)
@@ -18959,6 +18961,7 @@ CVE-2022-2879 (Reader.Read does not set a limit on the maximum size of file head
 	- golang-1.17 <unfixed>
 	- golang-1.15 <removed>
 	- golang-1.11 <removed>
+	[buster] - golang-1.11 <postponed> (Limited support, follow bullseye DSAs/point-releases)
 	NOTE: https://go.dev/issue/54853
 	NOTE: https://github.com/golang/go/commit/4fa773cdefd20be093c84f731be7d4febf5536fa (go1.19.2)
 	NOTE: https://github.com/golang/go/commit/0a723816cd205576945fa57fbdde7e6532d59d08 (go1.18.7)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/461da654173bba221c0b58cf8a0c56f6d168fbd0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/461da654173bba221c0b58cf8a0c56f6d168fbd0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221104/b6b8aea8/attachment.htm>

More information about the debian-security-tracker-commits mailing list