[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: golang-1.7 / CVE-2019-9514 / CVE-2019-9512

Brian May <bam@debian.org> writes:

> Anyway, as this was marked as minor for golang-1.7 in Stretch, probably
> also should be marked as minor for golang-golang-x-net-dev also...

According to https://security-tracker.debian.org/tracker/CVE-2019-9512,
golang-golang-x-net-dev is a source package that is vulnerable.

But golang-golang-x-net-dev is not a source package. In fact


returns 0 results.

golang-golang-x-net-dev is a binary package. The source package is
called golang-go.crypto. This had really confusing me for a while.
Brian May <bam@debian.org>

Reply to: