[Git][security-tracker-team/security-tracker][master] "new" golang-github-revel-revel issue
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Feb 17 18:33:41 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
746b86d5 by Moritz Muehlenhoff at 2023-02-17T19:33:17+01:00
"new" golang-github-revel-revel issue
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -46063,7 +46063,11 @@ CVE-2021-4235 (Due to unbounded alias chasing, a maliciously crafted YAML file c
CVE-2020-36569 (Authentication is globally bypassed in github.com/nanobox-io/golang-na ...)
NOT-FOR-US: golang-nanoauth
CVE-2020-36568 (Unsanitized input in the query parser in github.com/revel/revel before ...)
- TODO: check
+ - golang-github-revel-revel 1.0.0-1
+ NOTE: https://github.com/revel/revel/pull/1427
+ NOTE: https://github.com/revel/revel/commit/d160ecb72207824005b19778594cbdc272e8a605
+ NOTE: https://github.com/revel/revel/issues/1424
+ NOTE: https://pkg.go.dev/vuln/GO-2020-0003
CVE-2020-36567 (Unsanitized input in the default logger in github.com/gin-gonic/gin be ...)
- golang-github-gin-gonic-gin 1.6.3-1
[buster] - golang-github-gin-gonic-gin <postponed> (Limited support, minor issue, follow bullseye DSAs/point-releases)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/746b86d5c021b3f7c9ffa419181a1fd6fdb6340a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/746b86d5c021b3f7c9ffa419181a1fd6fdb6340a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230217/cb62b6d0/attachment.htm>
More information about the debian-security-tracker-commits
mailing list