Track fixed version for golang-1.18 CVE-2022-23806 CVE-2022-23773 via unstable

author: Shengjing Zhu <zhsj@debian.org> 2022-02-18 01:48:47 +0800
committer: Shengjing Zhu <zhsj@debian.org> 2022-02-18 01:48:47 +0800
commit: 4f283a90ded7c42bf5159d8d5b3fcf2770c759e6 (patch)
tree: 915165c726bad0d5647895cf1eaf4a2b99241b3e
parent: fbd687eee87502f6524da17dda97bb6d4a57011f (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/2022.list b/data/CVE/2022.list
index 0ba3c287d6..a731af36c8 100644
--- a/data/CVE/2022.list
+++ b/data/CVE/2022.list
@@ -4112,7 +4112,7 @@ CVE-2022-23807 (An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 b
 	NOTE: https://salsa.debian.org/phpmyadmin-team/phpmyadmin/-/issues/3 (missing 2FA packages)
 	NOTE: 2FA support is not packaged in Debian
 CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x bef ...)
-	- golang-1.18 <unfixed>
+	- golang-1.18 1.18~rc1-1
 	- golang-1.17 1.17.7-1
 	- golang-1.15 <removed>
 	[bullseye] - golang-1.15 <no-dsa> (Minor issue)
@@ -4228,7 +4228,7 @@ CVE-2022-23775
 CVE-2022-23774 (Docker Desktop before 4.4.4 on Windows allows attackers to move arbitr ...)
 	NOT-FOR-US: Docker Desktop
 CVE-2022-23773 (cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret  ...)
-	- golang-1.18 <unfixed>
+	- golang-1.18 1.18~rc1-1
 	- golang-1.17 1.17.7-1
 	- golang-1.15 <removed>
 	[bullseye] - golang-1.15 <no-dsa> (Minor issue)
author	Shengjing Zhu <zhsj@debian.org>	2022-02-18 01:48:47 +0800
committer	Shengjing Zhu <zhsj@debian.org>	2022-02-18 01:48:47 +0800
commit	4f283a90ded7c42bf5159d8d5b3fcf2770c759e6 (patch)
tree	915165c726bad0d5647895cf1eaf4a2b99241b3e
parent	fbd687eee87502f6524da17dda97bb6d4a57011f (diff)