golang-1.7 / CVE-2019-9514 / CVE-2019-9512

To: debian-lts@lists.debian.org
Subject: golang-1.7 / CVE-2019-9514 / CVE-2019-9512
From: Brian May <bam@debian.org>
Date: Wed, 09 Sep 2020 08:55:52 +1000
Message-id: <[🔎] 87y2ljop3b.fsf@canidae.wired.pri>

Looking at:

https://security-tracker.debian.org/tracker/CVE-2019-9512
https://security-tracker.debian.org/tracker/CVE-2019-9514

Under "golang-1.7" release stretch it says "vulnerable".

But in the notes, there is:

[stretch] - golang-1.7 <ignored> (Minor issue)

Why?

Anyway, as this was marked as minor for golang-1.7 in Stretch, probably
also should be marked as minor for golang-golang-x-net-dev also...
-- 
Brian May <bam@debian.org>

Reply to:

Follow-Ups:
- Re: golang-1.7 / CVE-2019-9514 / CVE-2019-9512
  - From: "Chris Lamb" <lamby@debian.org>
- Re: golang-1.7 / CVE-2019-9514 / CVE-2019-9512
  - From: Sylvain Beucler <beuc@beuc.net>

Prev by Date: Re: golang-go.crypto / CVE-2019-11841
Next by Date: Re: golang-1.7 / CVE-2019-9514 / CVE-2019-9512
Previous by thread: Re: Regarding package pdns-recursor in Stretch
Next by thread: Re: golang-1.7 / CVE-2019-9514 / CVE-2019-9512
Index(es):
- Date
- Thread