Re: golang-go.crypto / CVE-2019-11841

To: debian-lts@lists.debian.org
Subject: Re: golang-go.crypto / CVE-2019-11841
From: Brian May <bam@debian.org>
Date: Thu, 03 Sep 2020 08:57:49 +1000
Message-id: <[🔎] 87eenju6qa.fsf@canidae.wired.pri>
In-reply-to: <[🔎] 87pn75t6vb.fsf@canidae.wired.pri>
References: <87k0xes8kr.fsf@canidae.wired.pri> <[🔎] 87pn75t6vb.fsf@canidae.wired.pri>

Brian May <bam@debian.org> writes:

> All of the distributions fail (as in the last two tests pass when they
> should now), but bullseye at least fixes one of the failures. So it
> looks like this was incorrectly marked as fixed (note bulleye and sid
> have the same version of this package).

I filled an upstream bug report: https://github.com/golang/go/issues/41200
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: golang-go.crypto / CVE-2019-11841
  - From: Brian May <bam@debian.org>

References:
- Re: golang-go.crypto / CVE-2019-11841
  - From: Brian May <bam@debian.org>

Prev by Date: Re: [Git][security-tracker-team/security-tracker][master] 2 commits: data/dla-needed.txt: Triage python-django for stretch LTS.
Next by Date: Re: [SECURITY] [DLA 2363-1] asyncpg security update
Previous by thread: Re: golang-go.crypto / CVE-2019-11841
Next by thread: Re: golang-go.crypto / CVE-2019-11841
Index(es):
- Date
- Thread