[Git][security-tracker-team/security-tracker][master] one golang issue is Win-specific
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Feb 15 18:41:55 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
90e99270 by Moritz Muehlenhoff at 2023-02-15T19:41:20+01:00
one golang issue is Win-specific
add references
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32970,6 +32970,7 @@ CVE-2022-41725
- golang-1.19 <unfixed>
- golang-1.15 <removed>
- golang-1.11 <removed>
+ NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
CVE-2022-41724
RESERVED
- golang-1.20 1.20.1-1
@@ -32977,6 +32978,7 @@ CVE-2022-41724
- golang-1.19 <unfixed>
- golang-1.15 <removed>
- golang-1.11 <removed>
+ NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
CVE-2022-41723 [http2/hpack: avoid quadratic complexity in hpack decoding]
RESERVED
- golang-1.20 1.20.1-1
@@ -32985,13 +32987,14 @@ CVE-2022-41723 [http2/hpack: avoid quadratic complexity in hpack decoding]
- golang-1.15 <removed>
- golang-1.11 <removed>
- golang-golang-x-net 1:0.7.0+dfsg-1
+ NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
CVE-2022-41722
RESERVED
- - golang-1.20 1.20.1-1
- [experimental] - golang-1.19 1.19.6-1
- - golang-1.19 <unfixed>
- - golang-1.15 <removed>
- - golang-1.11 <removed>
+ - golang-1.20 <not-affected> (Windows-specific)
+ - golang-1.19 <not-affected> (Windows-specific)
+ - golang-1.15 <not-affected> (Windows-specific)
+ - golang-1.11 <not-affected> (Windows-specific)
+ NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFs_E
CVE-2022-41721 (A request smuggling attack is possible when using MaxBytesHandler. Whe ...)
- golang-golang-x-net 1:0.4.0+dfsg-1
[bullseye] - golang-golang-x-net <not-affected> (Vulnerable code not present)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90e99270b29f3e2330271a4469e19e6f1fbf8223
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/90e99270b29f3e2330271a4469e19e6f1fbf8223
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230215/82c938a0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list