[Git][security-tracker-team/security-tracker][master] 3 commits: Sort golang versions
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed May 8 20:13:45 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
bca01965 by Salvatore Bonaccorso at 2024-05-08T21:02:31+02:00
Sort golang versions
- - - - -
a9ca586c by Salvatore Bonaccorso at 2024-05-08T21:09:17+02:00
Adjust version for CVE-2024-24788
- - - - -
7ed8089c by Salvatore Bonaccorso at 2024-05-08T21:09:48+02:00
Reference commit for CVE-2024-24788
Interestingly the change is not included in 1.21.10 upstream tag.
Is the upstream advisory vs. https://go.dev/issue/66754 indeed wrong?
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,20 +1,21 @@
CVE-2024-24787
- - golang-1.21 <not-affected> (Specific to MacOS)
- golang-1.22 <not-affected> (Specific to MacOS)
+ - golang-1.21 <not-affected> (Specific to MacOS)
- golang-1.19 <not-affected> (Specific to MacOS)
- golang-1.15 <not-affected> (Specific to MacOS)
- golang-1.11 <not-affected> (Specific to MacOS)
NOTE: https://groups.google.com/g/golang-announce/c/wkkO4P9stm0
NOTE: https://github.com/golang/go/issues/67119
CVE-2024-24788
- - golang-1.21 2.12.10-1
- golang-1.22 1.22.3-1
+ - golang-1.21 1.21.10-1
- golang-1.19 <removed>
- golang-1.15 <removed>
- golang-1.11 <removed>
NOTE: https://groups.google.com/g/golang-announce/c/wkkO4P9stm0
NOTE: https://github.com/golang/go/issues/66754
NOTE: https://go-review.googlesource.com/c/go/+/578375
+ NOTE: https://github.com/golang/go/commit/93d8777d244962d1b706c0b695c8b72e9702577e (go1.22.3)
CVE-2024-4456 (In affected versions of Octopus Server with certain access levels it w ...)
NOT-FOR-US: Octopus Server
CVE-2024-4393 (The Social Connect plugin for WordPress is vulnerable to authenticatio ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c96b94c2dc69ee81d0a02441bf13a03dc8db9e8f...7ed8089c2bad8cfff14da546076077a16c7a53cf
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/c96b94c2dc69ee81d0a02441bf13a03dc8db9e8f...7ed8089c2bad8cfff14da546076077a16c7a53cf
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240508/5f409dc7/attachment.htm>
More information about the debian-security-tracker-commits
mailing list