diff options
| author | Sylvain Beucler <beuc@beuc.net> | 2021-02-23 14:42:52 +0100 |
|---|---|---|
| committer | Sylvain Beucler <beuc@beuc.net> | 2021-02-23 14:42:52 +0100 |
| commit | c6e568b55acea85bfb63f7dc4a4e13de07c00b7e (patch) | |
| tree | 47ff820ba6d504d733b5fbae7308ef30bd786453 /data/CVE/2018.list | |
| parent | b85c3dabe557400bd26585e7025f018ce8f4ad56 (diff) | |
CVE-2018-16873,CVE-2018-16874,CVE-2018-16875/golang-1.7,golang-1.8: track for stretch, reference regression fix
Diffstat (limited to 'data/CVE/2018.list')
| -rw-r--r-- | data/CVE/2018.list | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list index 9eba002158..aa6295e880 100644 --- a/data/CVE/2018.list +++ b/data/CVE/2018.list @@ -11773,23 +11773,31 @@ CVE-2018-16876 (ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a CVE-2018-16875 (The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 d ...) - golang-1.11 1.11.3-1 - golang-1.10 1.10.6-1 + - golang-1.8 <removed> + - golang-1.7 <removed> NOTE: https://github.com/golang/go/issues/29233 NOTE: https://github.com/golang/go/commit/df523969435b8945d939c7e2a849b50910ef4c25 (1.11.3) NOTE: https://github.com/golang/go/commit/0a4a37f1f0a36e55d8ae5c34210a79499f9f2a9d (1.10.6) CVE-2018-16874 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...) - golang-1.11 1.11.3-1 - golang-1.10 1.10.6-1 + - golang-1.8 <removed> + - golang-1.7 <removed> NOTE: https://github.com/golang/go/issues/29231 - NOTE: https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f (1.11.3) - NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6) + NOTE: See CVE-2018-16873 for patches and regression fix CVE-2018-16873 (In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is ...) - golang-1.11 1.11.3-1 - golang-1.10 1.10.6-1 + - golang-1.8 <removed> + - golang-1.7 <removed> NOTE: https://github.com/golang/go/issues/29230 NOTE: https://github.com/golang/go/commit/8954addb3294a5e664a9833354bafa58f163fe8f (1.11.3) NOTE: https://github.com/golang/go/commit/5aedc8af94c0a8ffc58cbd09993192dea9b238db (1.11.3) NOTE: https://github.com/golang/go/commit/90d609ba6156299642d08afc06d85ab770a03972 (1.10.6) NOTE: https://github.com/golang/go/commit/7ef6ee2c5727f0d11206b4d1866c18e6ab4785be (1.10.6) + NOTE: https://github.com/golang/go/issues/29241 (regression) + NOTE: https://github.com/golang/go/commit/25bee965c685e3f35c10076648685e22e59fd656 (1.10.7) + NOTE: https://github.com/golang/go/commit/ef209c9eb1216252ee7a59d78156ad9dcccab656 (1.11.4) CVE-2018-16872 (A flaw was found in qemu Media Transfer Protocol (MTP). The code openi ...) {DSA-4454-1 DLA-1694-1} - qemu 1:3.1+dfsg-2 (bug #916397) |