[Git][security-tracker-team/security-tracker][zhsj/golang-1.15] Update status for CVE-2021-41772

Fri, 03 Dec 2021 12:26:34 -0800 


Salvatore Bonaccorso pushed to branch zhsj/golang-1.15 at Debian Security 
Tracker / security-tracker


Commits:
b2a625df by Salvatore Bonaccorso at 2021-12-03T21:25:47+01:00
Update status for CVE-2021-41772

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -9967,12 +9967,13 @@ CVE-2017-20007 (Ingeteam INGEPAC DA AU AUC_1.13.0.28 
(and before) web applicatio
 CVE-2021-41772 (Go before 1.16.10 and 1.17.x before 1.17.3 allows an 
archive/zip Reade ...)
        - golang-1.17 1.17.3-1
        - golang-1.16 1.16.10-1
-       - golang-1.15 <not-affected> (Vulnerable code introduced in 1.16)
-       - golang-1.11 <removed>
-       - golang-1.8 <removed>
-       - golang-1.7 <removed>
+       - golang-1.15 <not-affected> (Vulnerable code introduced later in 
go1.16beta1)
+       - golang-1.11 <not-affected> (Vulnerable code introduced later in 
go1.16beta1)
+       - golang-1.8 <not-affected> (Vulnerable code introduced later in 
go1.16beta1)
+       - golang-1.7 <not-affected> (Vulnerable code introduced later in 
go1.16beta1)
        NOTE: https://github.com/golang/go/issues/48085
        NOTE: https://groups.google.com/g/golang-announce/c/0fM21h43arc
+       NOTE: Introduced in: 
https://github.com/golang/go/commit/1296ee6b4f9058be75c799513ccb488d2f2dd085 
(go1.16beta1)
        NOTE: 
https://github.com/golang/go/commit/b212ba68296b503b395e7d1838ca72a19030a6bf 
(go1.17.3)
        NOTE: 
https://github.com/golang/go/commit/88407a8dd98411f1730907dc8a69b99488af0052 
(go1.16.10)
 CVE-2021-41771 (ImportedSymbols in debug/macho (for Open or OpenFat) in Go 
before 1.16 ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2a625df379ca7918ac613d13f38c72f5a049790

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2a625df379ca7918ac613d13f38c72f5a049790
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to