[Git][security-tracker-team/security-tracker][master] Add two new go issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Dec 2 21:30:20 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
247c4533 by Salvatore Bonaccorso at 2025-12-02T22:29:50+01:00
Add two new go issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -53,8 +53,25 @@ CVE-2025-64070 (Sourcecodester Student Grades Management System v1.0 is vulnerab
 	NOT-FOR-US: SourceCodester
 CVE-2025-63872 (DeepSeek V3.2 has a Cross Site Scripting (XSS) vulnerability, which al ...)
 	NOT-FOR-US: DeepSeek
+CVE-2025-61727
+	- golang-1.25 <unfixed>
+	- golang-1.24 <unfixed>
+	- golang-1.19 <removed>
+	- golang-1.15 <removed>
+	NOTE: https://groups.google.com/g/golang-announce/c/8FJoBkPddm4
+	NOTE: https://github.com/golang/go/issues/76442
+	NOTE: Fixed by: https://github.com/golang/go/commit/287017acebd27203aa3218abbd11ed65c2280cf8 (go1.25.5)
+	NOTE: Fixed by: https://github.com/golang/go/commit/04db77a423cac75bb82cc9a6859991ae9c016344 (go1.24.11)
 CVE-2025-61729 (Within HostnameError.Error(), when constructing an error string, there ...)
-	TODO: check
+	- golang-1.25 <unfixed>
+	- golang-1.24 <unfixed>
+	- golang-1.19 <removed>
+	- golang-1.15 <removed>
+	NOTE: https://groups.google.com/g/golang-announce/c/8FJoBkPddm4
+	NOTE: https://go-review.googlesource.com/c/go/+/725920
+	NOTE: https://github.com/golang/go/issues/76445
+	NOTE: Fixed by: https://github.com/golang/go/commit/f7bce4bd6f7b13de8d9f06f7f262e3b60381e7e9 (go1.25.5)
+	NOTE: Fixed by: https://github.com/golang/go/commit/3a842bd5c6aa8eefa13c0174de3ab361e50bd672 (go1.24.11)
 CVE-2025-60854 (A vulnerability has been found in D-Link R15 (AX1500) 1.20.01 and belo ...)
 	NOT-FOR-US: D-Link
 CVE-2025-60736 (code-projects Online Medicine Guide 1.0 is vulnerable to SQL Injection ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/247c453384cc98fe53d63f7523059ef8505aa7ab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/247c453384cc98fe53d63f7523059ef8505aa7ab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251202/d8d10e0d/attachment.htm>

More information about the debian-security-tracker-commits mailing list