Bug#1001100: bullseye-pu: package golang-1.15/1.15.15-1~deb11u2

To: Shengjing Zhu <zhsj@debian.org>, 1001100@bugs.debian.org
Cc: team@security.debian.org
Subject: Bug#1001100: bullseye-pu: package golang-1.15/1.15.15-1~deb11u2
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Sat, 11 Dec 2021 17:44:48 +0000
Message-id: <[🔎] f646db0c7a42bd6ff1a3af10bb973348955cdf47.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1001100@bugs.debian.org
In-reply-to: <[🔎] YbIqrRcHKo+s4rXp@local.zhsj.me>
References: <[🔎] YatDh4UOo4cqAOUO@local.zhsj.me> <[🔎] YatDh4UOo4cqAOUO@local.zhsj.me> <[🔎] YbIqrRcHKo+s4rXp@local.zhsj.me> <[🔎] YatDh4UOo4cqAOUO@local.zhsj.me>

Control: tags -1 + moreinfo

On Fri, 2021-12-10 at 00:11 +0800, Shengjing Zhu wrote:
> On Sat, Dec 04, 2021 at 06:31:35PM +0800, Shengjing Zhu wrote:
[...]
> > Backport patches for CVE-2021-38297 and CVE-2021-41771.
> > 
> > [ Impact ]
> > 
> > + CVE-2021-38297 is for people using WASM with Go
> > + CVE-2021-41771 is in debug/macho standard library
> > 
[...]
> I'd like to amend this request.
> 
> Backport two patches for CVE-2021-44716 and CVE-2021-44717. Both are
> taken from upstream 1.16
> branch without modification.
> 

None of these issues appears to be resolved in the golang-1.15 package
in unstable. Is that correct?

Regards,

Adam

Reply to:

Follow-Ups:
- Bug#1001100: bullseye-pu: package golang-1.15/1.15.15-1~deb11u2
  - From: Shengjing Zhu <zhsj@debian.org>

References:
- Bug#1001100: bullseye-pu: package golang-1.15/1.15.15-1~deb11u2
  - From: Shengjing Zhu <zhsj@debian.org>
- Bug#1001100: bullseye-pu: package golang-1.15/1.15.15-1~deb11u2
  - From: Shengjing Zhu <zhsj@debian.org>

Prev by Date: NEW changes in stable-new
Next by Date: Processed: Re: Bug#1001100: bullseye-pu: package golang-1.15/1.15.15-1~deb11u2
Previous by thread: Bug#1001100: bullseye-pu: package golang-1.15/1.15.15-1~deb11u2
Next by thread: Bug#1001100: bullseye-pu: package golang-1.15/1.15.15-1~deb11u2
Index(es):
- Date
- Thread