[Git][security-tracker-team/security-tracker][master] Marked golang-golang-x-net-dev CVE-2022-41717 and CVE-2022-27664 as postponed.
Ola Lundqvist (@opal)
opal at debian.org
Sun Jun 18 20:42:33 BST 2023
Ola Lundqvist pushed to branch master at Debian Security Tracker / security-tracker
Commits:
00d9ac0a by Ola Lundqvist at 2023-06-18T21:41:44+02:00
Marked golang-golang-x-net-dev CVE-2022-41717 and CVE-2022-27664 as postponed.
Following the decision for golang-1.11 package.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -54866,6 +54866,7 @@ CVE-2022-41717 (An attacker can cause excessive memory growth in a Go server acc
[buster] - golang-1.11 <postponed> (Limited support, follow bullseye DSAs/point-releases)
- golang-golang-x-net 1:0.4.0+dfsg-1
- golang-golang-x-net-dev <removed>
+ [buster] - golang-golang-x-net-dev <postponed> (Limited support, follow bullseye DSAs/point-releases)
NOTE: https://groups.google.com/g/golang-announce/c/L_3rmdT0BMU
NOTE: https://go.dev/issue/56350
NOTE: https://github.com/golang/go/commit/618120c165669c00a1606505defea6ca755cdc27 (go1.19.4)
@@ -94168,6 +94169,7 @@ CVE-2022-27664 (In net/http in Go before 1.18.6 and 1.19.x before 1.19.1, attack
[buster] - golang-1.11 <postponed> (Limited support, minor issue, follow bullseye DSAs/point-releases)
- golang-golang-x-net 1:0.0+git20221012.0b7e1fb+dfsg-1
- golang-golang-x-net-dev <removed>
+ [buster] - golang-golang-x-net-dev <postponed> (Limited support, follow bullseye DSAs/point-releases)
NOTE: https://groups.google.com/g/golang-announce/c/x49AQzIVX-s
NOTE: https://github.com/golang/go/issues/54658
NOTE: https://github.com/golang/go/commit/9cfe4e258b1c9d4a04a42539c21c7bdb2e227824 (go1.19.1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00d9ac0a31fd26db3ef729e75113317349fa51dd
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/00d9ac0a31fd26db3ef729e75113317349fa51dd
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230618/d87b337c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list