Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits: 1a84b20b by Sylvain Beucler at 2023-04-19T23:43:24+02:00 DLA-3395-1/golang-1.11: drop fix for CVE-2022-23772 - - - - - 2 changed files: - data/CVE/list - data/DLA/list Changes: ===================================== data/CVE/list ===================================== @@ -100204,12 +100204,13 @@ CVE-2022-23773 (cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinte NOTE: https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ NOTE: https://github.com/golang/go/commit/fbcc30a2c9d076b27b4b411e2cec91ec13528081 (go1.17.7) CVE-2022-23772 (Rat.SetString in math/big in Go before 1.16.14 and 1.17.x before 1.17. ...) - {DLA-3395-1 DLA-2986-1 DLA-2985-1} + {DLA-2986-1 DLA-2985-1} - golang-1.18 1.18~beta2-1 - golang-1.17 1.17.7-1 - golang-1.15 <removed> [bullseye] - golang-1.15 1.15.15-1~deb11u3 - golang-1.11 <removed> + [buster] - golang-1.11 <ignored> (Limited support, minor issue, DoS, code is different, importing Rat.SetString from 1.16 causes arm64-specific test suite failures) - golang-1.8 <removed> - golang-1.7 <removed> NOTE: https://github.com/golang/go/issues/50699 ===================================== data/DLA/list ===================================== @@ -1,6 +1,6 @@ [19 Apr 2023] DLA-3395-1 golang-1.11 - security update - {CVE-2020-28367 CVE-2021-33196 CVE-2021-36221 CVE-2021-38297 CVE-2021-39293 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717 CVE-2022-23772 CVE-2022-23806 CVE-2022-24921} - [buster] - golang-1.11 1.11.6-1+deb10u5 + {CVE-2020-28367 CVE-2021-33196 CVE-2021-36221 CVE-2021-38297 CVE-2021-39293 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717 CVE-2022-23806 CVE-2022-24921} + [buster] - golang-1.11 1.11.6-1+deb10u6 [19 Apr 2023] DLA-3394-1 asterisk - security update {CVE-2023-27585} [buster] - asterisk 1:16.28.0~dfsg-0+deb10u3 View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a84b20b20bcc3488f2ba8348eafa0ebf3940b81 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1a84b20b20bcc3488f2ba8348eafa0ebf3940b81 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits