[Git][security-tracker-team/security-tracker][master] golang fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Sep 9 11:09:26 BST 2024



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9e1d31c5 by Moritz Muehlenhoff at 2024-09-09T12:09:03+02:00
golang fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -294,8 +294,8 @@ CVE-2024-45498 (Example DAG: example_inlet_event_extra.py shipped with Apache Ai
 CVE-2024-45034 (Apache Airflow versions before 2.10.1 have a vulnerability that allows ...)
 	- airflow <itp> (bug #819700)
 CVE-2024-34158 (Calling Parse on a "// +build" build tag line with deeply nested expre ...)
-	- golang-1.23 <unfixed>
-	- golang-1.22 <unfixed>
+	- golang-1.23 1.23.1-1
+	- golang-1.22 1.22.7-1
 	- golang-1.21 <unfixed>
 	- golang-1.19 <removed>
 	[bookworm] - golang-1.19 <no-dsa> (Minor issue)
@@ -305,8 +305,8 @@ CVE-2024-34158 (Calling Parse on a "// +build" build tag line with deeply nested
 	NOTE: https://github.com/golang/go/commit/032ac075c20c01c6c35a672d1542d3e98eab84ea (go1.23.1)
 	NOTE: https://github.com/golang/go/commit/d4c53812e6ce2ac368173d7fcd31d0ecfcffb002 (go1.22.7)
 CVE-2024-34156 (Calling Decoder.Decode on a message which contains deeply nested struc ...)
-	- golang-1.23 <unfixed>
-	- golang-1.22 <unfixed>
+	- golang-1.23 1.23.1-1
+	- golang-1.22 1.22.7-1
 	- golang-1.21 <unfixed>
 	- golang-1.19 <removed>
 	[bookworm] - golang-1.19 <no-dsa> (Minor issue)
@@ -316,8 +316,8 @@ CVE-2024-34156 (Calling Decoder.Decode on a message which contains deeply nested
 	NOTE: https://github.com/golang/go/commit/fa8ff1a46deb6c816304441ec6740ec112e19012 (go1.23.1)
 	NOTE: https://github.com/golang/go/commit/2092294f2b097c5828f4eace6c98a322c1510b01 (go1.22.7)
 CVE-2024-34155 (Calling any of the Parse functions on Go source code which contains de ...)
-	- golang-1.23 <unfixed>
-	- golang-1.22 <unfixed>
+	- golang-1.23 1.23.1-1
+	- golang-1.22 1.22.7-1
 	- golang-1.21 <unfixed>
 	- golang-1.19 <removed>
 	[bookworm] - golang-1.19 <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e1d31c55e70665b1c8f17f1c557232dd6dfba0d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9e1d31c55e70665b1c8f17f1c557232dd6dfba0d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240909/98ac501f/attachment.htm>


More information about the debian-security-tracker-commits mailing list