[Git][security-tracker-team/security-tracker][master] golang-github-flynn-noise n/a
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Fri Feb 17 18:35:32 GMT 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
265b646c by Moritz Muehlenhoff at 2023-02-17T19:35:11+01:00
golang-github-flynn-noise n/a
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -46045,7 +46045,9 @@ CVE-2022-2582 (The AWS S3 Crypto SDK sends an unencrypted hash of the plaintext
[buster] - golang-github-aws-aws-sdk-go <postponed> (Limited support, minor issue, hash leak, invasive, follow bullseye DSAs/point-releases)
NOTE: https://github.com/aws/aws-sdk-go/commit/35fa6ddf45c061e0f08d3a3b5119f8f4da38f6d1 (v1.33.0)
CVE-2021-4239 (The Noise protocol implementation suffers from weakened cryptographic ...)
- TODO: check
+ - golang-github-flynn-noise <not-affected> (Fixed with initial upload to archive)
+ NOTE: https://github.com/flynn/noise/pull/44
+ NOTE: https://pkg.go.dev/vuln/GO-2022-0425
CVE-2021-4238 (Randomly-generated alphanumeric strings contain significantly less ent ...)
- golang-github-masterminds-goutils <not-affected> (Fixed in initial upload to the archive)
NOTE: https://github.com/Masterminds/goutils/commit/869801f20f9f1e7ecdbdb6422049d8241270d5e1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/265b646cad6d609b57d8c49d65468ed7d26387fe
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/265b646cad6d609b57d8c49d65468ed7d26387fe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230217/e2c53130/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list