[Git][security-tracker-team/security-tracker][master] Update notes for CVE-2025-68121/go

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
80e46482 by Salvatore Bonaccorso at 2026-02-06T20:54:55+01:00
Update notes for CVE-2025-68121/go

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -7902,6 +7902,11 @@ CVE-2025-68121 (During session resumption in crypto/tls, if the underlying Confi
 	NOTE: https://github.com/golang/go/issues/77113
 	NOTE: Fixed by: https://github.com/golang/go/commit/4be38528a68a8b0c4e101576df200c214ad49c26 (go1.25.6)
 	NOTE: Fixed by: https://github.com/golang/go/commit/d0754e6242e70e171a888b6c5e0336bbf014e538 (go1.24.12)
+	NOTE: Followup/Documentation update: https://github.com/golang/go/issues/77217
+	NOTE: https://groups.google.com/g/golang-announce/c/K09ubi9FQFk
+	NOTE: https://github.com/golang/go/commit/9f30ca9189831b8061a6ee46c0a2a331b4864559 (go1.26rc3)
+	NOTE: https://github.com/golang/go/commit/c7d189e65c229a840c1e3e310cf4cd4ca0cb4e84 (go1.25.7)
+	NOTE: https://github.com/golang/go/commit/6a501314718b6d69bad1723b3065ca6067b560ea (go1.24.13)
 CVE-2025-61726 (The net/url package does not set a limit on the number of query parame ...)
 	- golang-1.25 1.25.6-1 (bug #1125916)
 	- golang-1.24 1.24.12-1 (bug #1125917)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80e46482b3fb8c37dadd2eb8208189be2836ab3e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/80e46482b3fb8c37dadd2eb8208189be2836ab3e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260206/c2d74322/attachment.htm>