[Git][security-tracker-team/security-tracker][master] golang-github-labstack-echo n/a

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Feb 20 16:16:10 GMT 2023



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
cdeb82d6 by Moritz Muehlenhoff at 2023-02-20T17:13:15+01:00
golang-github-labstack-echo n/a

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46574,7 +46574,12 @@ CVE-2020-36567 (Unsanitized input in the default logger in github.com/gin-gonic/
 CVE-2020-36566 (Due to improper path santization, archives containing relative file pa ...)
 	NOT-FOR-US: Go whyrusleeping/tar-utils
 CVE-2020-36565 (Due to improper sanitization of user input on Windows, the static file ...)
-	TODO: check
+	- golang-github-labstack-echo <not-affected> (Windows-specific)
+	- golang-github-labstack-echo.v2 <not-affected> (Windows-specific)
+	- golang-github-labstack-echo.v3 <not-affected> (Windows-specific)
+	NOTE: https://github.com/labstack/echo/pull/1718
+	NOTE: https://github.com/labstack/echo/commit/4422e3b66b9fd498ed1ae1d0242d660d0ed3faaa
+	NOTE: https://pkg.go.dev/vuln/GO-2021-0051
 CVE-2020-36564 (Due to improper validation of caller input, validation is silently dis ...)
 	TODO: check
 CVE-2020-36563 (XML Digital Signatures generated and validated using this package use  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdeb82d6b8051f569685bce25655fa98e9c6d4b3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/cdeb82d6b8051f569685bce25655fa98e9c6d4b3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230220/ce3fc651/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list