[Git][security-tracker-team/security-tracker][master] golang-1.19 fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Jun 15 11:33:10 BST 2023
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
03317990 by Moritz Muehlenhoff at 2023-06-15T12:32:35+02:00
golang-1.19 fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -9384,7 +9384,7 @@ CVE-2023-29406
CVE-2023-29405 (The go command may execute arbitrary code at build time when using cgo ...)
- golang-1.20 1.20.5-1
[experimental] - golang-1.19 1.19.10-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/q5135a9d924
@@ -9396,7 +9396,7 @@ CVE-2023-29405 (The go command may execute arbitrary code at build time when usi
CVE-2023-29404 (The go command may execute arbitrary code at build time when using cgo ...)
- golang-1.20 1.20.5-1
[experimental] - golang-1.19 1.19.10-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/q5135a9d924
@@ -9406,7 +9406,7 @@ CVE-2023-29404 (The go command may execute arbitrary code at build time when usi
CVE-2023-29403 (On Unix platforms, the Go runtime does not behave differently when a b ...)
- golang-1.20 1.20.5-1
[experimental] - golang-1.19 1.19.10-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/q5135a9d924
@@ -9416,7 +9416,7 @@ CVE-2023-29403 (On Unix platforms, the Go runtime does not behave differently wh
CVE-2023-29402 (The go command may generate unexpected code at build time when using c ...)
- golang-1.20 1.20.5-1
[experimental] - golang-1.19 1.19.10-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/q5135a9d924
@@ -9430,7 +9430,7 @@ CVE-2023-29401 (The filename parameter of the Context.FileAttachment function is
CVE-2023-29400 (Templates containing actions in unquoted HTML attributes (e.g. "attr={ ...)
- golang-1.20 1.20.4-1
[experimental] - golang-1.19 1.19.9-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
[bullseye] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
@@ -24348,7 +24348,7 @@ CVE-2023-0510
CVE-2023-24540 (Not all valid JavaScript whitespace characters are considered to be wh ...)
- golang-1.20 1.20.4-1
[experimental] - golang-1.19 1.19.9-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
[bullseye] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
@@ -24360,7 +24360,7 @@ CVE-2023-24540 (Not all valid JavaScript whitespace characters are considered to
CVE-2023-24539 (Angle brackets (<>) are not considered dangerous characters when inser ...)
- golang-1.20 1.20.4-1
[experimental] - golang-1.19 1.19.9-1
- - golang-1.19 <unfixed>
+ - golang-1.19 1.19.10-2
[bookworm] - golang-1.19 <no-dsa> (Minor issue)
[bullseye] - golang-1.19 <no-dsa> (Minor issue)
- golang-1.15 <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0331799079c0cdf7713907dfa616b394d7efb499
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0331799079c0cdf7713907dfa616b394d7efb499
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230615/f44548b1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list