[Git][security-tracker-team/security-tracker][master] Add CVE-2025-22866/go

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Feb 7 08:35:01 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
655bf7a4 by Salvatore Bonaccorso at 2025-02-07T09:34:42+01:00
Add CVE-2025-22866/go

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -101,7 +101,16 @@ CVE-2025-22936 (An issue in Smartcom Bulgaria AD Smartcom Ralink CPE/WiFi router
 CVE-2025-22867 (On Darwin, building a Go module which contains CGO can trigger arbitra ...)
 	TODO: check
 CVE-2025-22866 (Due to the usage of a variable time instruction in the assembly implem ...)
-	TODO: check
+	- golang-1.24 <unfixed>
+	- golang-1.23 <unfixed>
+	- golang-1.22 <unfixed>
+	- golang-1.19 <removed>
+	- golang-1.15 <removed>
+	NOTE: https://groups.google.com/g/golang-announce/c/xU1ZCHUZw3k
+	NOTE: https://github.com/golang/go/issues/71383
+	NOTE: https://github.com/golang/go/commit/6fc23a3cff5e38ff72923fee50f51254dcdc6e93 (go1.24rc3)
+	NOTE: https://github.com/golang/go/commit/6644ed63b1e6ccc129647ef6b0d4647fdbe14056 (go1.23.6)
+	NOTE: https://github.com/golang/go/commit/0cc45e7ca668b103c1055ae84402ad3f3425dd56 (go1.22.12)
 CVE-2025-1078 (A vulnerability has been found in AppHouseKitchen AlDente Charge Limit ...)
 	NOT-FOR-US: AppHouseKitchen AlDente Charge
 CVE-2025-1076 (A Stored Cross-Site Scripting (Stored XSS) vulnerability has been foun ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/655bf7a4837120b9fc115285159e6bdcfe2bf85c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/655bf7a4837120b9fc115285159e6bdcfe2bf85c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250207/5dee8110/attachment.htm>

More information about the debian-security-tracker-commits mailing list