[Git][security-tracker-team/security-tracker][master] CVE-2025-61728/golang: bullseye not-affected

Tue Jan 27 08:21:08 GMT 2026


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
4477dbd7 by Sylvain Beucler at 2026-01-27T09:20:59+01:00
CVE-2025-61728/golang: bullseye not-affected

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4033,10 +4033,10 @@ CVE-2025-61728 [archive/zip: denial of service when parsing arbitrary ZIP archiv
 	- golang-1.25 1.25.6-1 (bug #1125916)
 	- golang-1.24 1.24.12-1 (bug #1125917)
 	- golang-1.19 <removed>
-	- golang-1.15 <removed>
-	[bullseye] - golang-1.15 <postponed> (Limited support, DoS, minor issue, follow bookworm DSAs/point-releases)
+	- golang-1.15 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://groups.google.com/g/golang-announce/c/Vd2tYVM8eUc
 	NOTE: https://github.com/golang/go/issues/77102
+	NOTE: Introduced by: https://github.com/golang/go/commit/1296ee6b4f9058be75c799513ccb488d2f2dd085 (go1.16beta1)
 	NOTE: Fixed by: https://github.com/golang/go/commit/9d497df196d66553ae844c22a53fb86cd422e80c (go1.25.6)
 	NOTE: Fixed by: https://github.com/golang/go/commit/3235ef3db85c2d7e797b976822a7addaf6d5ca2a (go1.24.12)
 CVE-2025-68675 (In Apache Airflow versions before 3.1.6, the proxies and proxy fields  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4477dbd7f2eb069bd41ed20d0a2ebb43fc1c463b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4477dbd7f2eb069bd41ed20d0a2ebb43fc1c463b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260127/e213e1ad/attachment.htm>
