Bug#1006768: bullseye-pu: package golang-1.15/1.15.15-1~deb11u4

To: Shengjing Zhu <zhsj@debian.org>, 1006768@bugs.debian.org
Subject: Bug#1006768: bullseye-pu: package golang-1.15/1.15.15-1~deb11u4
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Tue, 15 Mar 2022 20:48:55 +0000
Message-id: <[🔎] 3b4d6a10a9389998882fa617ff250c13570a02f4.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1006768@bugs.debian.org
In-reply-to: <[🔎] YiIkKmg57wVeYFlV@local.zhsj.me>
References: <[🔎] YiIkKmg57wVeYFlV@local.zhsj.me> <[🔎] YiIkKmg57wVeYFlV@local.zhsj.me>

Control: tags -1 + confirmed

On Fri, 2022-03-04 at 22:37 +0800, Shengjing Zhu wrote:
> Backport patch for CVE-2022-24921.
> 
> [ Impact ]
> 
> CVE-2022-24921:
> regexp: stack exhaustion compiling deeply nested expressions
> 
> This is bug in standard library.
> 

Please go ahead.

Regards,

Adam

Reply to:

References:
- Bug#1006768: bullseye-pu: package golang-1.15/1.15.15-1~deb11u4
  - From: Shengjing Zhu <zhsj@debian.org>

Prev by Date: Bug#1006522: bullseye-pu: package djbdns/1:1.05-13+deb11u1
Next by Date: Processed: Re: Bug#1006768: bullseye-pu: package golang-1.15/1.15.15-1~deb11u4
Previous by thread: Processed: Re: Bug#1006768: golang-1.15 1.15.15-1~deb11u3 flagged for acceptance
Next by thread: Processed: Re: Bug#1006768: bullseye-pu: package golang-1.15/1.15.15-1~deb11u4
Index(es):
- Date
- Thread