[pkg-golang-devel] golang CVE-2019-6486 (DoS in crypto/elliptic)
Dr. Tobias Quathamer
toddy at debian.org
Thu Jan 24 14:07:11 GMT 2019
Am 24.01.2019 um 15:00 schrieb Dr. Tobias Quathamer:
> This should be a complete and current list of needed binNMUs:
Well, almost ... :-)
Please add these packages to the list as well:
nmu amazon-ecr-credential-helper_0.2.0-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu cloudsql-proxy_1.13-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu dnscrypt-proxy_2.0.19+ds1-2 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu docker.io_18.06.1+dfsg1-3 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu fever_1.0.3-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu fzf_0.17.5-2 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu git-lfs_2.6.1-3 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu gokey_0.0~git20190103.40eba7e-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu golang-github-dcso-bloom-cli_0.2.3-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu golang-grpc-gateway_1.6.4-2 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu gotail_1.0.0+git20180327.c434825-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu golang-github-sebest-xff_0.0~git20160910.6c115e0-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu golang-goprotobuf-dev_1.2.0-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu gost_0.1.0+git20181204.5afeda5e-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu gron_0.6.0-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu hub_2.7.0~ds1-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu hugo_0.53-3 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu kcptun_20190109+ds-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu mender-client_1.7.0-3 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu nomad_0.8.7+dfsg1-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu prometheus-alertmanager_0.15.3+ds-2 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu prometheus-process-exporter_0.4.0+ds-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu prometheus-snmp-exporter_0.14.0+ds-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu restic_0.9.4+ds-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu snapd_2.37-3 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu syncthing_1.0.0~ds1-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu syncthing-discosrv_1.0.0~ds1-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu syncthing-relaysrv_1.0.0~ds1-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
nmu vuls_0.6.1-1 . ANY . -m 'Rebuild with current golang-1.11 (CVE-2019-6486)'
Regards,
Tobias
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-golang-devel/attachments/20190124/8a14fb6a/attachment.sig>
More information about the pkg-golang-devel
mailing list