[Git][security-tracker-team/security-tracker][master] one golang issue is Win-specific

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Feb 15 18:41:55 GMT 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
90e99270 by Moritz Muehlenhoff at 2023-02-15T19:41:20+01:00
one golang issue is Win-specific
add references

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -32970,6 +32970,7 @@ CVE-2022-41725
 	- golang-1.19 <unfixed>
 	- golang-1.15 <removed>
 	- golang-1.11 <removed>
+	NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
 CVE-2022-41724
 	RESERVED
 	- golang-1.20 1.20.1-1
@@ -32977,6 +32978,7 @@ CVE-2022-41724
 	- golang-1.19 <unfixed>
 	- golang-1.15 <removed>
 	- golang-1.11 <removed>
+	NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
 CVE-2022-41723 [http2/hpack: avoid quadratic complexity in hpack decoding]
 	RESERVED
 	- golang-1.20 1.20.1-1
@@ -32985,13 +32987,14 @@ CVE-2022-41723 [http2/hpack: avoid quadratic complexity in hpack decoding]
 	- golang-1.15 <removed>
 	- golang-1.11 <removed>
 	- golang-golang-x-net 1:0.7.0+dfsg-1
+	NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
 CVE-2022-41722
 	RESERVED
-	- golang-1.20 1.20.1-1
-	[experimental] - golang-1.19 1.19.6-1
-	- golang-1.19 <unfixed>
-	- golang-1.15 <removed>
-	- golang-1.11 <removed>
+	- golang-1.20 <not-affected> (Windows-specific)
+	- golang-1.19 <not-affected> (Windows-specific)
+	- golang-1.15 <not-affected> (Windows-specific)
+	- golang-1.11 <not-affected> (Windows-specific)
+	NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
 CVE-2022-41721 (A request smuggling attack is possible when using MaxBytesHandler. Whe ...)
 	- golang-golang-x-net 1:0.4.0+dfsg-1
 	[bullseye] - golang-golang-x-net <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90e99270b29f3e2330271a4469e19e6f1fbf8223

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90e99270b29f3e2330271a4469e19e6f1fbf8223
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230215/82c938a0/attachment.htm>


More information about the debian-security-tracker-commits mailing list