Control: tags -1 + confirmed On Sun, 2021-12-12 at 03:00 +0800, Shengjing Zhu wrote: > On Sun, Dec 12, 2021 at 1:49 AM Shengjing Zhu <z...@debian.org> > wrote: > > On Sun, Dec 12, 2021 at 1:45 AM Adam D. Barratt > > <a...@adam-barratt.org.uk> wrote: > > > Control: tags -1 + moreinfo > > > > > > On Fri, 2021-12-10 at 00:11 +0800, Shengjing Zhu wrote: > > > > On Sat, Dec 04, 2021 at 06:31:35PM +0800, Shengjing Zhu wrote: > > > [...] > > > > > Backport patches for CVE-2021-38297 and CVE-2021-41771. > > > > > > > > > > [ Impact ] > > > > > > > > > > + CVE-2021-38297 is for people using WASM with Go > > > > > + CVE-2021-41771 is in debug/macho standard library > > > > > > > > [...] > > > > I'd like to amend this request. > > > > > > > > Backport two patches for CVE-2021-44716 and CVE-2021-44717. > > > > Both are > > > > taken from upstream 1.16 > > > > branch without modification. > > > > > > > > > > None of these issues appears to be resolved in the golang-1.15 > > > package > > > in unstable. Is that correct? > > > > > > > Hmm, I forget golang-1.15 hasn't been removed from unstable yet, > > since > > two packages still depend on it. > > I'll update it for unstable. (I really want to see it removed from > > unstable...) > > > > Now golang-1.15/1.15.15-5 is in unstable, with same patches in this > pu.
Heh, that was quick. Please go ahead, thanks. Regards, Adam
