Author: carnil
Date: 2017-10-04 20:14:43 +0000 (Wed, 04 Oct 2017)
New Revision: 56413
Modified:
data/CVE/list
Log:
Add CVE-2017-1000097/golang
The source is present, so technically <unfixed> (unimportant) would have
been more correct. But since the issue is specific to Darwin/OS X, we
can mark it as not-affected.
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-10-04 19:33:41 UTC (rev 56412)
+++ data/CVE/list 2017-10-04 20:14:43 UTC (rev 56413)
@@ -106,7 +106,11 @@
CVE-2017-1000098 (The net/http package's Request.ParseMultipartForm method
starts ...)
TODO: check
CVE-2017-1000097 (On Darwin, user's trust preferences for root certificates
were not ...)
- TODO: check
+ - golang <not-affected> (OS X specific issue)
+ - golang-1.7 <not-affected> (OS X specific issue)
+ - golang-1.8 <not-affected> (OS X specific issue)
+ - golang-1.9 <not-affected> (OS X specific issue)
+ NOTE: https://github.com/golang/go/issues/18141
CVE-2017-15011 (The named pipes in qtsingleapp in Qt 5.x, as used in
qBittorrent and ...)
TODO: check, can't make much sense of it, probably limited to Win32
CVE-2017-15010 (A ReDoS (regular expression denial of service) flaw was found
in the ...)
_______________________________________________
Secure-testing-commits mailing list
[email protected]
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits
