[Git][security-tracker-team/security-tracker][master] Track fixed version for golang-1.25 issues via unstable upload

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Mar 8 07:28:00 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1cf4e79d by Salvatore Bonaccorso at 2026-03-08T08:27:16+01:00
Track fixed version for golang-1.25 issues via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -458,7 +458,7 @@ CVE-2018-25161 (Warranty Tracking System 11.06.3 contains an SQL injection vulne
 	NOT-FOR-US: Warranty Tracking System
 CVE-2026-27139 (On Unix platforms, when listing the contents of a directory using File ...)
 	- golang-1.26 1.26.1-1
-	- golang-1.25 <unfixed>
+	- golang-1.25 1.25.8-1
 	- golang-1.24 <unfixed>
 	- golang-1.19 <removed>
 	- golang-1.15 <removed>
@@ -467,7 +467,7 @@ CVE-2026-27139 (On Unix platforms, when listing the contents of a directory usin
 	NOTE: Fixed by: https://github.com/golang/go/commit/4091800393d254befde3770fd16f51200ebd5a3d (go1.25.8)
 CVE-2026-25679 (url.Parse insufficiently validated the host/authority component and ac ...)
 	- golang-1.26 1.26.1-1
-	- golang-1.25 <unfixed>
+	- golang-1.25 1.25.8-1
 	- golang-1.24 <unfixed>
 	- golang-1.19 <removed>
 	- golang-1.15 <removed>
@@ -476,7 +476,7 @@ CVE-2026-25679 (url.Parse insufficiently validated the host/authority component
 	NOTE: fixed by: https://github.com/golang/go/commit/d8174a9500d53784594b198f6195d1fae8dfe803 (go1.25.8)
 CVE-2026-27142 (Actions which insert URLs into the content attribute of HTML meta tags ...)
 	- golang-1.26 1.26.1-1
-	- golang-1.25 <unfixed>
+	- golang-1.25 1.25.8-1
 	- golang-1.24 <unfixed>
 	- golang-1.19 <removed>
 	- golang-1.15 <removed>



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cf4e79dd244216a660538981d24b9f9b104f478

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1cf4e79dd244216a660538981d24b9f9b104f478
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260308/66dc1fde/attachment.htm>

More information about the debian-security-tracker-commits mailing list