Shengjing Zhu pushed to branch master at Debian Security Tracker / security-tracker
Commits: f7b850d8 by Shengjing Zhu at 2022-02-18T01:48:47+08:00 Track fixed version for golang-1.18 CVE-2022-23806 CVE-2022-23773 via unstable - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -4819,7 +4819,7 @@ CVE-2022-23807 (An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 b NOTE: https://salsa.debian.org/phpmyadmin-team/phpmyadmin/-/issues/3 (missing 2FA packages) NOTE: 2FA support is not packaged in Debian CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x bef ...) - - golang-1.18 <unfixed> + - golang-1.18 1.18~rc1-1 - golang-1.17 1.17.7-1 - golang-1.15 <removed> [bullseye] - golang-1.15 <no-dsa> (Minor issue) @@ -4937,7 +4937,7 @@ CVE-2022-23775 CVE-2022-23774 (Docker Desktop before 4.4.4 on Windows allows attackers to move arbitr ...) NOT-FOR-US: Docker Desktop CVE-2022-23773 (cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret ...) - - golang-1.18 <unfixed> + - golang-1.18 1.18~rc1-1 - golang-1.17 1.17.7-1 - golang-1.15 <removed> [bullseye] - golang-1.15 <no-dsa> (Minor issue) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7b850d8d62ef388c8d1da4148174d1e1d5106c0 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f7b850d8d62ef388c8d1da4148174d1e1d5106c0 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits