[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1001100: bullseye-pu: package golang-1.15/1.15.15-1~deb11u2

On Sun, Dec 12, 2021 at 1:45 AM Adam D. Barratt
<adam@adam-barratt.org.uk> wrote:
>
> Control: tags -1 + moreinfo
>
> On Fri, 2021-12-10 at 00:11 +0800, Shengjing Zhu wrote:
> > On Sat, Dec 04, 2021 at 06:31:35PM +0800, Shengjing Zhu wrote:
> [...]
> > > Backport patches for CVE-2021-38297 and CVE-2021-41771.
> > >
> > > [ Impact ]
> > >
> > > + CVE-2021-38297 is for people using WASM with Go
> > > + CVE-2021-41771 is in debug/macho standard library
> > >
> [...]
> > I'd like to amend this request.
> >
> > Backport two patches for CVE-2021-44716 and CVE-2021-44717. Both are
> > taken from upstream 1.16
> > branch without modification.
> >
>
> None of these issues appears to be resolved in the golang-1.15 package
> in unstable. Is that correct?
>

Hmm, I forget golang-1.15 hasn't been removed from unstable yet, since
two packages still depend on it.
I'll update it for unstable. (I really want to see it removed from unstable...)

-- 
Shengjing Zhu
Reply to: