Shengjing Zhu pushed to branch master at Debian Security Tracker / security-tracker
Commits: e2b4d5eb by Shengjing Zhu at 2022-03-16T14:50:00+08:00 Track fixed version for golang-1.18 CVE-2022-24921 - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -6183,7 +6183,7 @@ CVE-2022-24923 (Improper access control vulnerability in Samsung SearchWidget pr CVE-2022-24922 RESERVED CVE-2022-24921 (regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 allows st ...) - - golang-1.18 <unfixed> + - golang-1.18 1.18~rc1-1 - golang-1.17 1.17.8-1 - golang-1.15 <removed> [bullseye] - golang-1.15 <no-dsa> (Minor issue) @@ -6194,6 +6194,7 @@ CVE-2022-24921 (regexp.Compile in Go before 1.16.15 and 1.17.x before 1.17.8 all NOTE: https://github.com/golang/go/issues/51112 NOTE: https://groups.google.com/g/golang-announce/c/RP1hfrBYVuk NOTE: https://github.com/golang/go/commit/ac071634c487eb6ac5422652de3c7c18fba7c522 (go1.17.8) + NOTE: https://github.com/golang/go/commit/452f24ae94f38afa3704d4361d91d51218405c0a (go1.18rc1) CVE-2022-24920 RESERVED CVE-2022-24919 (An authenticated user can create a link with reflected Javascript code ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2b4d5ebec58941e210ceabb064b1e62ac052931 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e2b4d5ebec58941e210ceabb064b1e62ac052931 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits