[Git][security-tracker-team/security-tracker][master] golang-1.22 fixed in sid
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Wed Mar 6 07:58:15 GMT 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
617d794d by Moritz Muehlenhoff at 2024-03-06T08:57:46+01:00
golang-1.22 fixed in sid
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -110,7 +110,7 @@ CVE-2023-52583 [ceph: fix deadlock or deadcode of misusing dget()]
- linux 6.7.7-1
NOTE: https://git.kernel.org/linus/b493ad718b1f0357394d2cdecbf00a44a36fa085 (6.8-rc1)
CVE-2024-24785 [html/template: errors returned from MarshalJSON methods may break template escaping]
- - golang-1.22 <unfixed>
+ - golang-1.22 1.22.1-1
- golang-1.21 <unfixed>
- golang-1.19 <removed>
- golang-1.15 <removed>
@@ -119,7 +119,7 @@ CVE-2024-24785 [html/template: errors returned from MarshalJSON methods may brea
NOTE: https://github.com/golang/go/commit/056b0edcb8c152152021eebf4cf42adbfbe77992 (go1.22.1)
NOTE: https://github.com/golang/go/commit/3643147a29352ca2894fd5d0d2069bc4b4335a7e (go1.21.8)
CVE-2024-24784 [net/mail: comments in display names are incorrectly handled]
- - golang-1.22 <unfixed>
+ - golang-1.22 1.22.1-1
- golang-1.21 <unfixed>
- golang-1.19 <removed>
- golang-1.15 <removed>
@@ -128,7 +128,7 @@ CVE-2024-24784 [net/mail: comments in display names are incorrectly handled]
NOTE: https://github.com/golang/go/commit/5330cd225ba54c7dc78c1b46dcdf61a4671a632c (go1.22.1)
NOTE: https://github.com/golang/go/commit/263c059b09fdd40d9dd945f2ecb20c89ea28efe5 (go1.21.8)
CVE-2024-24783 [golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm]
- - golang-1.22 <unfixed>
+ - golang-1.22 1.22.1-1
- golang-1.21 <unfixed>
- golang-1.19 <removed>
- golang-1.15 <removed>
@@ -142,7 +142,7 @@ CVE-2023-5685 [StackOverflowException when the chain of notifier states becomes
- jboss-xnio <unfixed>
NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2241822
CVE-2023-45290 [golang: net/http: memory exhaustion in Request.ParseMultipartFor]
- - golang-1.22 <unfixed>
+ - golang-1.22 1.22.1-1
- golang-1.21 <unfixed>
- golang-1.19 <removed>
- golang-1.15 <removed>
@@ -151,7 +151,7 @@ CVE-2023-45290 [golang: net/http: memory exhaustion in Request.ParseMultipartFor
NOTE: https://github.com/golang/go/commit/041a47712e765e94f86d841c3110c840e76d8f82 (go1.22.1)
NOTE: https://github.com/golang/go/commit/bf80213b121074f4ad9b449410a4d13bae5e9be0 (go1.21.8)
CVE-2023-45289 [golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect]
- - golang-1.22 <unfixed>
+ - golang-1.22 1.22.1-1
- golang-1.21 <unfixed>
- golang-1.19 <removed>
- golang-1.15 <removed>
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/617d794d21cb99766a2c39d965dc78339bacb5ba
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/617d794d21cb99766a2c39d965dc78339bacb5ba
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240306/dd64b129/attachment.htm>
More information about the debian-security-tracker-commits
mailing list