Merge ~zhsj/ubuntu-cve-tracker:golang-20230411 into ubuntu-cve-tracker:master
- Git
- lp:~zhsj/ubuntu-cve-tracker
- golang-20230411
- Merge into master
Proposed by
Shengjing Zhu
Status: | Merged |
---|---|
Merged at revision: | 7e34d0bb9246fea964782797d82755f7f15be865 |
Proposed branch: | ~zhsj/ubuntu-cve-tracker:golang-20230411 |
Merge into: | ubuntu-cve-tracker:master |
Diff against target: |
532 lines (+417/-12) 4 files modified
active/CVE-2023-24534 (+104/-3) active/CVE-2023-24536 (+104/-3) active/CVE-2023-24537 (+105/-3) active/CVE-2023-24538 (+104/-3) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Alex Murray | Approve | ||
Review via email: mp+440729@code.launchpad.net |
Commit message
Description of the change
To post a comment you must log in.
Revision history for this message
Shengjing Zhu (zhsj) wrote : | # |
Revision history for this message
Alex Murray (alexmurray) wrote : | # |
Thanks for this - while reviewing this I noticed that the boilerplates/golang was missing golang-1.19 and golang-1.20 so I have updated it to list these new versions of golang in the newer Ubuntu releases.
review:
Approve
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/active/CVE-2023-24534 b/active/CVE-2023-24534 | |||
2 | index 3e3749f..7ceba7d 100644 | |||
3 | --- a/active/CVE-2023-24534 | |||
4 | +++ b/active/CVE-2023-24534 | |||
5 | @@ -25,17 +25,118 @@ Discovered-by: | |||
6 | 25 | Assigned-to: | 25 | Assigned-to: |
7 | 26 | CVSS: | 26 | CVSS: |
8 | 27 | 27 | ||
9 | 28 | Patches_golang-1.6: | ||
10 | 29 | upstream_golang-1.6: needs-triage | ||
11 | 30 | trusty_golang-1.6: ignored (out of standard support) | ||
12 | 31 | xenial_golang-1.6: ignored (out of standard support) | ||
13 | 32 | esm-infra/xenial_golang-1.6: needed | ||
14 | 33 | bionic_golang-1.6: DNE | ||
15 | 34 | focal_golang-1.6: DNE | ||
16 | 35 | jammy_golang-1.6: DNE | ||
17 | 36 | kinetic_golang-1.6: DNE | ||
18 | 37 | devel_golang-1.6: DNE | ||
19 | 38 | |||
20 | 39 | Patches_golang-1.8: | ||
21 | 40 | upstream_golang-1.8: needs-triage | ||
22 | 41 | trusty_golang-1.8: ignored (out of standard support) | ||
23 | 42 | xenial_golang-1.8: ignored (out of standard support) | ||
24 | 43 | bionic_golang-1.8: needed | ||
25 | 44 | esm-apps/bionic_golang-1.8: needed | ||
26 | 45 | focal_golang-1.8: DNE | ||
27 | 46 | jammy_golang-1.8: DNE | ||
28 | 47 | kinetic_golang-1.8: DNE | ||
29 | 48 | devel_golang-1.8: DNE | ||
30 | 49 | |||
31 | 50 | Patches_golang-1.9: | ||
32 | 51 | upstream_golang-1.9: needs-triage | ||
33 | 52 | trusty_golang-1.9: ignored (out of standard support) | ||
34 | 53 | xenial_golang-1.9: ignored (out of standard support) | ||
35 | 54 | bionic_golang-1.9: needed | ||
36 | 55 | esm-apps/bionic_golang-1.9: needed | ||
37 | 56 | focal_golang-1.9: DNE | ||
38 | 57 | jammy_golang-1.9: DNE | ||
39 | 58 | kinetic_golang-1.9: DNE | ||
40 | 59 | devel_golang-1.9: DNE | ||
41 | 60 | |||
42 | 61 | Patches_golang-1.10: | ||
43 | 62 | upstream_golang-1.10: needs-triage | ||
44 | 63 | trusty_golang-1.10: ignored (out of standard support) | ||
45 | 64 | trusty/esm_golang-1.10: needed | ||
46 | 65 | xenial_golang-1.10: ignored (out of standard support) | ||
47 | 66 | esm-infra/xenial_golang-1.10: needed | ||
48 | 67 | bionic_golang-1.10: needed | ||
49 | 68 | focal_golang-1.10: DNE | ||
50 | 69 | jammy_golang-1.10: DNE | ||
51 | 70 | kinetic_golang-1.10: DNE | ||
52 | 71 | devel_golang-1.10: DNE | ||
53 | 72 | |||
54 | 73 | Patches_golang-1.13: | ||
55 | 74 | upstream_golang-1.13: needs-triage | ||
56 | 75 | trusty_golang-1.13: ignored (out of standard support) | ||
57 | 76 | xenial_golang-1.13: ignored (out of standard support) | ||
58 | 77 | esm-apps/xenial_golang-1.13: needed | ||
59 | 78 | bionic_golang-1.13: needed | ||
60 | 79 | esm-apps/bionic_golang-1.13: needed | ||
61 | 80 | focal_golang-1.13: needed | ||
62 | 81 | jammy_golang-1.13: needed | ||
63 | 82 | esm-apps/jammy_golang-1.13: needed | ||
64 | 83 | kinetic_golang-1.13: needed | ||
65 | 84 | devel_golang-1.13: DNE | ||
66 | 85 | |||
67 | 86 | Patches_golang-1.14: | ||
68 | 87 | upstream_golang-1.14: needs-triage | ||
69 | 88 | trusty_golang-1.14: ignored (out of standard support) | ||
70 | 89 | xenial_golang-1.14: ignored (out of standard support) | ||
71 | 90 | bionic_golang-1.14: DNE | ||
72 | 91 | focal_golang-1.14: needed | ||
73 | 92 | jammy_golang-1.14: DNE | ||
74 | 93 | kinetic_golang-1.14: DNE | ||
75 | 94 | devel_golang-1.14: DNE | ||
76 | 95 | |||
77 | 96 | Patches_golang-1.16: | ||
78 | 97 | upstream_golang-1.16: needs-triage | ||
79 | 98 | trusty_golang-1.16: ignored (out of standard support) | ||
80 | 99 | xenial_golang-1.16: ignored (out of standard support) | ||
81 | 100 | bionic_golang-1.16: needed | ||
82 | 101 | focal_golang-1.16: needed | ||
83 | 102 | esm-apps/focal_golang-1.16: needed | ||
84 | 103 | jammy_golang-1.16: DNE | ||
85 | 104 | kinetic_golang-1.16: DNE | ||
86 | 105 | devel_golang-1.16: DNE | ||
87 | 106 | |||
88 | 107 | Patches_golang-1.17: | ||
89 | 108 | upstream_golang-1.17: needs-triage | ||
90 | 109 | trusty_golang-1.17: ignored (out of standard support) | ||
91 | 110 | xenial_golang-1.17: ignored (out of standard support) | ||
92 | 111 | bionic_golang-1.17: DNE | ||
93 | 112 | focal_golang-1.17: DNE | ||
94 | 113 | jammy_golang-1.17: needed | ||
95 | 114 | kinetic_golang-1.17: DNE | ||
96 | 115 | devel_golang-1.17: DNE | ||
97 | 116 | |||
98 | 117 | Patches_golang-1.18: | ||
99 | 118 | upstream_golang-1.18: needs-triage | ||
100 | 119 | trusty_golang-1.18: ignored (out of standard support) | ||
101 | 120 | xenial_golang-1.18: ignored (out of standard support) | ||
102 | 121 | bionic_golang-1.18: needed | ||
103 | 122 | focal_golang-1.18: needed | ||
104 | 123 | jammy_golang-1.18: needed | ||
105 | 124 | kinetic_golang-1.18: DNE | ||
106 | 125 | devel_golang-1.18: DNE | ||
107 | 126 | |||
108 | 28 | Patches_golang-1.19: | 127 | Patches_golang-1.19: |
110 | 29 | upstream_golang-1.19: needs-triage | 128 | upstream: https://github.com/golang/go/commit/d6759e7a059f4208f07aa781402841d7ddaaef96 |
111 | 129 | upstream_golang-1.19: released (1.19.8-1) | ||
112 | 30 | trusty_golang-1.19: ignored (out of standard support) | 130 | trusty_golang-1.19: ignored (out of standard support) |
113 | 31 | xenial_golang-1.19: ignored (out of standard support) | 131 | xenial_golang-1.19: ignored (out of standard support) |
114 | 32 | bionic_golang-1.19: DNE | 132 | bionic_golang-1.19: DNE |
115 | 33 | focal_golang-1.19: DNE | 133 | focal_golang-1.19: DNE |
116 | 34 | jammy_golang-1.19: DNE | 134 | jammy_golang-1.19: DNE |
117 | 35 | kinetic_golang-1.19: needed | 135 | kinetic_golang-1.19: needed |
119 | 36 | devel_golang-1.19: needs-triage | 136 | devel_golang-1.19: not-affected (1.19.8-1) |
120 | 37 | 137 | ||
121 | 38 | Patches_golang-1.20: | 138 | Patches_golang-1.20: |
122 | 139 | upstream: https://github.com/golang/go/commit/3991f6c41c7dfd167e889234c0cf1d840475e93c | ||
123 | 39 | upstream_golang-1.20: released (1.20.3-1) | 140 | upstream_golang-1.20: released (1.20.3-1) |
124 | 40 | trusty_golang-1.20: ignored (out of standard support) | 141 | trusty_golang-1.20: ignored (out of standard support) |
125 | 41 | xenial_golang-1.20: ignored (out of standard support) | 142 | xenial_golang-1.20: ignored (out of standard support) |
126 | @@ -43,4 +144,4 @@ bionic_golang-1.20: DNE | |||
127 | 43 | focal_golang-1.20: DNE | 144 | focal_golang-1.20: DNE |
128 | 44 | jammy_golang-1.20: DNE | 145 | jammy_golang-1.20: DNE |
129 | 45 | kinetic_golang-1.20: DNE | 146 | kinetic_golang-1.20: DNE |
131 | 46 | devel_golang-1.20: needs-triage | 147 | devel_golang-1.20: not-affected (1.20.3-1) |
132 | diff --git a/active/CVE-2023-24536 b/active/CVE-2023-24536 | |||
133 | index af352ae..1f29a9b 100644 | |||
134 | --- a/active/CVE-2023-24536 | |||
135 | +++ b/active/CVE-2023-24536 | |||
136 | @@ -40,17 +40,118 @@ Discovered-by: | |||
137 | 40 | Assigned-to: | 40 | Assigned-to: |
138 | 41 | CVSS: | 41 | CVSS: |
139 | 42 | 42 | ||
140 | 43 | Patches_golang-1.6: | ||
141 | 44 | upstream_golang-1.6: needs-triage | ||
142 | 45 | trusty_golang-1.6: ignored (out of standard support) | ||
143 | 46 | xenial_golang-1.6: ignored (out of standard support) | ||
144 | 47 | esm-infra/xenial_golang-1.6: needed | ||
145 | 48 | bionic_golang-1.6: DNE | ||
146 | 49 | focal_golang-1.6: DNE | ||
147 | 50 | jammy_golang-1.6: DNE | ||
148 | 51 | kinetic_golang-1.6: DNE | ||
149 | 52 | devel_golang-1.6: DNE | ||
150 | 53 | |||
151 | 54 | Patches_golang-1.8: | ||
152 | 55 | upstream_golang-1.8: needs-triage | ||
153 | 56 | trusty_golang-1.8: ignored (out of standard support) | ||
154 | 57 | xenial_golang-1.8: ignored (out of standard support) | ||
155 | 58 | bionic_golang-1.8: needed | ||
156 | 59 | esm-apps/bionic_golang-1.8: needed | ||
157 | 60 | focal_golang-1.8: DNE | ||
158 | 61 | jammy_golang-1.8: DNE | ||
159 | 62 | kinetic_golang-1.8: DNE | ||
160 | 63 | devel_golang-1.8: DNE | ||
161 | 64 | |||
162 | 65 | Patches_golang-1.9: | ||
163 | 66 | upstream_golang-1.9: needs-triage | ||
164 | 67 | trusty_golang-1.9: ignored (out of standard support) | ||
165 | 68 | xenial_golang-1.9: ignored (out of standard support) | ||
166 | 69 | bionic_golang-1.9: needed | ||
167 | 70 | esm-apps/bionic_golang-1.9: needed | ||
168 | 71 | focal_golang-1.9: DNE | ||
169 | 72 | jammy_golang-1.9: DNE | ||
170 | 73 | kinetic_golang-1.9: DNE | ||
171 | 74 | devel_golang-1.9: DNE | ||
172 | 75 | |||
173 | 76 | Patches_golang-1.10: | ||
174 | 77 | upstream_golang-1.10: needs-triage | ||
175 | 78 | trusty_golang-1.10: ignored (out of standard support) | ||
176 | 79 | trusty/esm_golang-1.10: needed | ||
177 | 80 | xenial_golang-1.10: ignored (out of standard support) | ||
178 | 81 | esm-infra/xenial_golang-1.10: needed | ||
179 | 82 | bionic_golang-1.10: needed | ||
180 | 83 | focal_golang-1.10: DNE | ||
181 | 84 | jammy_golang-1.10: DNE | ||
182 | 85 | kinetic_golang-1.10: DNE | ||
183 | 86 | devel_golang-1.10: DNE | ||
184 | 87 | |||
185 | 88 | Patches_golang-1.13: | ||
186 | 89 | upstream_golang-1.13: needs-triage | ||
187 | 90 | trusty_golang-1.13: ignored (out of standard support) | ||
188 | 91 | xenial_golang-1.13: ignored (out of standard support) | ||
189 | 92 | esm-apps/xenial_golang-1.13: needed | ||
190 | 93 | bionic_golang-1.13: needed | ||
191 | 94 | esm-apps/bionic_golang-1.13: needed | ||
192 | 95 | focal_golang-1.13: needed | ||
193 | 96 | jammy_golang-1.13: needed | ||
194 | 97 | esm-apps/jammy_golang-1.13: needed | ||
195 | 98 | kinetic_golang-1.13: needed | ||
196 | 99 | devel_golang-1.13: DNE | ||
197 | 100 | |||
198 | 101 | Patches_golang-1.14: | ||
199 | 102 | upstream_golang-1.14: needed | ||
200 | 103 | trusty_golang-1.14: ignored (out of standard support) | ||
201 | 104 | xenial_golang-1.14: ignored (out of standard support) | ||
202 | 105 | bionic_golang-1.14: DNE | ||
203 | 106 | focal_golang-1.14: needed | ||
204 | 107 | jammy_golang-1.14: DNE | ||
205 | 108 | kinetic_golang-1.14: DNE | ||
206 | 109 | devel_golang-1.14: DNE | ||
207 | 110 | |||
208 | 111 | Patches_golang-1.16: | ||
209 | 112 | upstream_golang-1.16: needs-triage | ||
210 | 113 | trusty_golang-1.16: ignored (out of standard support) | ||
211 | 114 | xenial_golang-1.16: ignored (out of standard support) | ||
212 | 115 | bionic_golang-1.16: needed | ||
213 | 116 | focal_golang-1.16: needed | ||
214 | 117 | esm-apps/focal_golang-1.16: needed | ||
215 | 118 | jammy_golang-1.16: DNE | ||
216 | 119 | kinetic_golang-1.16: DNE | ||
217 | 120 | devel_golang-1.16: DNE | ||
218 | 121 | |||
219 | 122 | Patches_golang-1.17: | ||
220 | 123 | upstream_golang-1.17: needs-triage | ||
221 | 124 | trusty_golang-1.17: ignored (out of standard support) | ||
222 | 125 | xenial_golang-1.17: ignored (out of standard support) | ||
223 | 126 | bionic_golang-1.17: DNE | ||
224 | 127 | focal_golang-1.17: DNE | ||
225 | 128 | jammy_golang-1.17: needed | ||
226 | 129 | kinetic_golang-1.17: DNE | ||
227 | 130 | devel_golang-1.17: DNE | ||
228 | 131 | |||
229 | 132 | Patches_golang-1.18: | ||
230 | 133 | upstream_golang-1.18: needs-triage | ||
231 | 134 | trusty_golang-1.18: ignored (out of standard support) | ||
232 | 135 | xenial_golang-1.18: ignored (out of standard support) | ||
233 | 136 | bionic_golang-1.18: needed | ||
234 | 137 | focal_golang-1.18: needed | ||
235 | 138 | jammy_golang-1.18: needed | ||
236 | 139 | kinetic_golang-1.18: DNE | ||
237 | 140 | devel_golang-1.18: DNE | ||
238 | 141 | |||
239 | 43 | Patches_golang-1.19: | 142 | Patches_golang-1.19: |
241 | 44 | upstream_golang-1.19: needs-triage | 143 | upstream: https://github.com/golang/go/commit/7917b5f31204528ea72e0629f0b7d52b35b27538 |
242 | 144 | upstream_golang-1.19: released (1.19.8-1) | ||
243 | 45 | trusty_golang-1.19: ignored (out of standard support) | 145 | trusty_golang-1.19: ignored (out of standard support) |
244 | 46 | xenial_golang-1.19: ignored (out of standard support) | 146 | xenial_golang-1.19: ignored (out of standard support) |
245 | 47 | bionic_golang-1.19: DNE | 147 | bionic_golang-1.19: DNE |
246 | 48 | focal_golang-1.19: DNE | 148 | focal_golang-1.19: DNE |
247 | 49 | jammy_golang-1.19: DNE | 149 | jammy_golang-1.19: DNE |
248 | 50 | kinetic_golang-1.19: needed | 150 | kinetic_golang-1.19: needed |
250 | 51 | devel_golang-1.19: needs-triage | 151 | devel_golang-1.19: not-affected (1.19.8-1) |
251 | 52 | 152 | ||
252 | 53 | Patches_golang-1.20: | 153 | Patches_golang-1.20: |
253 | 154 | upstream: https://github.com/golang/go/commit/bf8c7c575c8a552d9d79deb29e80854dc88528d0 | ||
254 | 54 | upstream_golang-1.20: released (1.20.3-1) | 155 | upstream_golang-1.20: released (1.20.3-1) |
255 | 55 | trusty_golang-1.20: ignored (out of standard support) | 156 | trusty_golang-1.20: ignored (out of standard support) |
256 | 56 | xenial_golang-1.20: ignored (out of standard support) | 157 | xenial_golang-1.20: ignored (out of standard support) |
257 | @@ -58,4 +159,4 @@ bionic_golang-1.20: DNE | |||
258 | 58 | focal_golang-1.20: DNE | 159 | focal_golang-1.20: DNE |
259 | 59 | jammy_golang-1.20: DNE | 160 | jammy_golang-1.20: DNE |
260 | 60 | kinetic_golang-1.20: DNE | 161 | kinetic_golang-1.20: DNE |
262 | 61 | devel_golang-1.20: needs-triage | 162 | devel_golang-1.20: not-affected (1.20.3-1) |
263 | diff --git a/active/CVE-2023-24537 b/active/CVE-2023-24537 | |||
264 | index 3df7358..7d11d38 100644 | |||
265 | --- a/active/CVE-2023-24537 | |||
266 | +++ b/active/CVE-2023-24537 | |||
267 | @@ -12,6 +12,8 @@ Description: | |||
268 | 12 | integer overflow. | 12 | integer overflow. |
269 | 13 | Ubuntu-Description: | 13 | Ubuntu-Description: |
270 | 14 | Notes: | 14 | Notes: |
271 | 15 | zhsj> Introduced by: | ||
272 | 16 | zhsj> https://github.com/golang/go/commit/99c30211b1e0b3ac4e5d32f3ae5eaf759c23195f | ||
273 | 15 | Mitigation: | 17 | Mitigation: |
274 | 16 | Bugs: | 18 | Bugs: |
275 | 17 | Priority: medium | 19 | Priority: medium |
276 | @@ -19,17 +21,117 @@ Discovered-by: | |||
277 | 19 | Assigned-to: | 21 | Assigned-to: |
278 | 20 | CVSS: | 22 | CVSS: |
279 | 21 | 23 | ||
280 | 24 | Patches_golang-1.6: | ||
281 | 25 | upstream_golang-1.6: needs-triage | ||
282 | 26 | trusty_golang-1.6: ignored (out of standard support) | ||
283 | 27 | xenial_golang-1.6: ignored (out of standard support) | ||
284 | 28 | esm-infra/xenial_golang-1.6: not-affected (code not present) | ||
285 | 29 | bionic_golang-1.6: DNE | ||
286 | 30 | focal_golang-1.6: DNE | ||
287 | 31 | jammy_golang-1.6: DNE | ||
288 | 32 | kinetic_golang-1.6: DNE | ||
289 | 33 | devel_golang-1.6: DNE | ||
290 | 34 | |||
291 | 35 | Patches_golang-1.8: | ||
292 | 36 | upstream_golang-1.8: needs-triage | ||
293 | 37 | trusty_golang-1.8: ignored (out of standard support) | ||
294 | 38 | xenial_golang-1.8: ignored (out of standard support) | ||
295 | 39 | bionic_golang-1.8: not-affected (code not present) | ||
296 | 40 | esm-apps/bionic_golang-1.8: not-affected (code not present) | ||
297 | 41 | focal_golang-1.8: DNE | ||
298 | 42 | jammy_golang-1.8: DNE | ||
299 | 43 | kinetic_golang-1.8: DNE | ||
300 | 44 | devel_golang-1.8: DNE | ||
301 | 45 | |||
302 | 46 | Patches_golang-1.9: | ||
303 | 47 | upstream_golang-1.9: needs-triage | ||
304 | 48 | trusty_golang-1.9: ignored (out of standard support) | ||
305 | 49 | xenial_golang-1.9: ignored (out of standard support) | ||
306 | 50 | bionic_golang-1.9: not-affected (code not present) | ||
307 | 51 | esm-apps/bionic_golang-1.9: not-affected (code not present) | ||
308 | 52 | focal_golang-1.9: DNE | ||
309 | 53 | jammy_golang-1.9: DNE | ||
310 | 54 | kinetic_golang-1.9: DNE | ||
311 | 55 | devel_golang-1.9: DNE | ||
312 | 56 | Patches_golang-1.10: | ||
313 | 57 | upstream_golang-1.10: not-affected (code not present) | ||
314 | 58 | trusty_golang-1.10: ignored (out of standard support) | ||
315 | 59 | trusty/esm_golang-1.10: not-affected (code not present) | ||
316 | 60 | xenial_golang-1.10: ignored (out of standard support) | ||
317 | 61 | esm-infra/xenial_golang-1.10: not-affected (code not present) | ||
318 | 62 | bionic_golang-1.10: not-affected (code not present) | ||
319 | 63 | focal_golang-1.10: DNE | ||
320 | 64 | jammy_golang-1.10: DNE | ||
321 | 65 | kinetic_golang-1.10: DNE | ||
322 | 66 | devel_golang-1.10: DNE | ||
323 | 67 | |||
324 | 68 | Patches_golang-1.13: | ||
325 | 69 | upstream_golang-1.13: needs-triage | ||
326 | 70 | trusty_golang-1.13: ignored (out of standard support) | ||
327 | 71 | xenial_golang-1.13: ignored (out of standard support) | ||
328 | 72 | esm-apps/xenial_golang-1.13: needed | ||
329 | 73 | bionic_golang-1.13: needed | ||
330 | 74 | esm-apps/bionic_golang-1.13: needed | ||
331 | 75 | focal_golang-1.13: needed | ||
332 | 76 | jammy_golang-1.13: needed | ||
333 | 77 | esm-apps/jammy_golang-1.13: needed | ||
334 | 78 | kinetic_golang-1.13: needed | ||
335 | 79 | devel_golang-1.13: DNE | ||
336 | 80 | |||
337 | 81 | Patches_golang-1.14: | ||
338 | 82 | upstream_golang-1.14: needs-triage | ||
339 | 83 | trusty_golang-1.14: ignored (out of standard support) | ||
340 | 84 | xenial_golang-1.14: ignored (out of standard support) | ||
341 | 85 | bionic_golang-1.14: DNE | ||
342 | 86 | focal_golang-1.14: needed | ||
343 | 87 | jammy_golang-1.14: DNE | ||
344 | 88 | kinetic_golang-1.14: DNE | ||
345 | 89 | devel_golang-1.14: DNE | ||
346 | 90 | |||
347 | 91 | Patches_golang-1.16: | ||
348 | 92 | upstream_golang-1.16: needs-triage | ||
349 | 93 | trusty_golang-1.16: ignored (out of standard support) | ||
350 | 94 | xenial_golang-1.16: ignored (out of standard support) | ||
351 | 95 | bionic_golang-1.16: needed | ||
352 | 96 | focal_golang-1.16: needed | ||
353 | 97 | esm-apps/focal_golang-1.16: needed | ||
354 | 98 | jammy_golang-1.16: DNE | ||
355 | 99 | kinetic_golang-1.16: DNE | ||
356 | 100 | devel_golang-1.16: DNE | ||
357 | 101 | |||
358 | 102 | Patches_golang-1.17: | ||
359 | 103 | upstream_golang-1.17: needs-triage | ||
360 | 104 | trusty_golang-1.17: ignored (out of standard support) | ||
361 | 105 | xenial_golang-1.17: ignored (out of standard support) | ||
362 | 106 | bionic_golang-1.17: DNE | ||
363 | 107 | focal_golang-1.17: DNE | ||
364 | 108 | jammy_golang-1.17: needed | ||
365 | 109 | kinetic_golang-1.17: DNE | ||
366 | 110 | devel_golang-1.17: DNE | ||
367 | 111 | |||
368 | 112 | Patches_golang-1.18: | ||
369 | 113 | upstream_golang-1.18: needs-triage | ||
370 | 114 | trusty_golang-1.18: ignored (out of standard support) | ||
371 | 115 | xenial_golang-1.18: ignored (out of standard support) | ||
372 | 116 | bionic_golang-1.18: needed | ||
373 | 117 | focal_golang-1.18: needed | ||
374 | 118 | jammy_golang-1.18: needed | ||
375 | 119 | kinetic_golang-1.18: DNE | ||
376 | 120 | devel_golang-1.18: DNE | ||
377 | 121 | |||
378 | 22 | Patches_golang-1.19: | 122 | Patches_golang-1.19: |
380 | 23 | upstream_golang-1.19: needs-triage | 123 | upstream: https://github.com/golang/go/commit/126a1d02da82f93ede7ce0bd8d3c51ef627f2104 |
381 | 124 | upstream_golang-1.19: released (1.19.8-1) | ||
382 | 24 | trusty_golang-1.19: ignored (out of standard support) | 125 | trusty_golang-1.19: ignored (out of standard support) |
383 | 25 | xenial_golang-1.19: ignored (out of standard support) | 126 | xenial_golang-1.19: ignored (out of standard support) |
384 | 26 | bionic_golang-1.19: DNE | 127 | bionic_golang-1.19: DNE |
385 | 27 | focal_golang-1.19: DNE | 128 | focal_golang-1.19: DNE |
386 | 28 | jammy_golang-1.19: DNE | 129 | jammy_golang-1.19: DNE |
387 | 29 | kinetic_golang-1.19: needed | 130 | kinetic_golang-1.19: needed |
389 | 30 | devel_golang-1.19: needs-triage | 131 | devel_golang-1.19: not-affected (1.19.8-1) |
390 | 31 | 132 | ||
391 | 32 | Patches_golang-1.20: | 133 | Patches_golang-1.20: |
392 | 134 | upstream: https://github.com/golang/go/commit/e7c4b07ecf6b367f1afc9cc48cde963829dd0aab | ||
393 | 33 | upstream_golang-1.20: released (1.20.3-1) | 135 | upstream_golang-1.20: released (1.20.3-1) |
394 | 34 | trusty_golang-1.20: ignored (out of standard support) | 136 | trusty_golang-1.20: ignored (out of standard support) |
395 | 35 | xenial_golang-1.20: ignored (out of standard support) | 137 | xenial_golang-1.20: ignored (out of standard support) |
396 | @@ -37,4 +139,4 @@ bionic_golang-1.20: DNE | |||
397 | 37 | focal_golang-1.20: DNE | 139 | focal_golang-1.20: DNE |
398 | 38 | jammy_golang-1.20: DNE | 140 | jammy_golang-1.20: DNE |
399 | 39 | kinetic_golang-1.20: DNE | 141 | kinetic_golang-1.20: DNE |
401 | 40 | devel_golang-1.20: needs-triage | 142 | devel_golang-1.20: not-affected (1.20.3-1) |
402 | diff --git a/active/CVE-2023-24538 b/active/CVE-2023-24538 | |||
403 | index c43d9e3..4a531a4 100644 | |||
404 | --- a/active/CVE-2023-24538 | |||
405 | +++ b/active/CVE-2023-24538 | |||
406 | @@ -31,17 +31,118 @@ Discovered-by: | |||
407 | 31 | Assigned-to: | 31 | Assigned-to: |
408 | 32 | CVSS: | 32 | CVSS: |
409 | 33 | 33 | ||
410 | 34 | Patches_golang-1.6: | ||
411 | 35 | upstream_golang-1.6: needs-triage | ||
412 | 36 | trusty_golang-1.6: ignored (out of standard support) | ||
413 | 37 | xenial_golang-1.6: ignored (out of standard support) | ||
414 | 38 | esm-infra/xenial_golang-1.6: needed | ||
415 | 39 | bionic_golang-1.6: DNE | ||
416 | 40 | focal_golang-1.6: DNE | ||
417 | 41 | jammy_golang-1.6: DNE | ||
418 | 42 | kinetic_golang-1.6: DNE | ||
419 | 43 | devel_golang-1.6: DNE | ||
420 | 44 | |||
421 | 45 | Patches_golang-1.8: | ||
422 | 46 | upstream_golang-1.8: needs-triage | ||
423 | 47 | trusty_golang-1.8: ignored (out of standard support) | ||
424 | 48 | xenial_golang-1.8: ignored (out of standard support) | ||
425 | 49 | bionic_golang-1.8: needed | ||
426 | 50 | esm-apps/bionic_golang-1.8: needed | ||
427 | 51 | focal_golang-1.8: DNE | ||
428 | 52 | jammy_golang-1.8: DNE | ||
429 | 53 | kinetic_golang-1.8: DNE | ||
430 | 54 | devel_golang-1.8: DNE | ||
431 | 55 | |||
432 | 56 | Patches_golang-1.9: | ||
433 | 57 | upstream_golang-1.9: needs-triage | ||
434 | 58 | trusty_golang-1.9: ignored (out of standard support) | ||
435 | 59 | xenial_golang-1.9: ignored (out of standard support) | ||
436 | 60 | bionic_golang-1.9: needed | ||
437 | 61 | esm-apps/bionic_golang-1.9: needed | ||
438 | 62 | focal_golang-1.9: DNE | ||
439 | 63 | jammy_golang-1.9: DNE | ||
440 | 64 | kinetic_golang-1.9: DNE | ||
441 | 65 | devel_golang-1.9: DNE | ||
442 | 66 | |||
443 | 67 | Patches_golang-1.10: | ||
444 | 68 | upstream_golang-1.10: needs-triage | ||
445 | 69 | trusty_golang-1.10: ignored (out of standard support) | ||
446 | 70 | trusty/esm_golang-1.10: needed | ||
447 | 71 | xenial_golang-1.10: ignored (out of standard support) | ||
448 | 72 | esm-infra/xenial_golang-1.10: needed | ||
449 | 73 | bionic_golang-1.10: needed | ||
450 | 74 | focal_golang-1.10: DNE | ||
451 | 75 | jammy_golang-1.10: DNE | ||
452 | 76 | kinetic_golang-1.10: DNE | ||
453 | 77 | devel_golang-1.10: DNE | ||
454 | 78 | |||
455 | 79 | Patches_golang-1.13: | ||
456 | 80 | upstream_golang-1.13: needs-triage | ||
457 | 81 | trusty_golang-1.13: ignored (out of standard support) | ||
458 | 82 | xenial_golang-1.13: ignored (out of standard support) | ||
459 | 83 | esm-apps/xenial_golang-1.13: needed | ||
460 | 84 | bionic_golang-1.13: needed | ||
461 | 85 | esm-apps/bionic_golang-1.13: needed | ||
462 | 86 | focal_golang-1.13: needed | ||
463 | 87 | jammy_golang-1.13: needed | ||
464 | 88 | esm-apps/jammy_golang-1.13: needed | ||
465 | 89 | kinetic_golang-1.13: needed | ||
466 | 90 | devel_golang-1.13: DNE | ||
467 | 91 | |||
468 | 92 | Patches_golang-1.14: | ||
469 | 93 | upstream_golang-1.14: needs-triage | ||
470 | 94 | trusty_golang-1.14: ignored (out of standard support) | ||
471 | 95 | xenial_golang-1.14: ignored (out of standard support) | ||
472 | 96 | bionic_golang-1.14: DNE | ||
473 | 97 | focal_golang-1.14: needed | ||
474 | 98 | jammy_golang-1.14: DNE | ||
475 | 99 | kinetic_golang-1.14: DNE | ||
476 | 100 | devel_golang-1.14: DNE | ||
477 | 101 | |||
478 | 102 | Patches_golang-1.16: | ||
479 | 103 | upstream_golang-1.16: needs-triage | ||
480 | 104 | trusty_golang-1.16: ignored (out of standard support) | ||
481 | 105 | xenial_golang-1.16: ignored (out of standard support) | ||
482 | 106 | bionic_golang-1.16: needed | ||
483 | 107 | focal_golang-1.16: needed | ||
484 | 108 | esm-apps/focal_golang-1.16: needed | ||
485 | 109 | jammy_golang-1.16: DNE | ||
486 | 110 | kinetic_golang-1.16: DNE | ||
487 | 111 | devel_golang-1.16: DNE | ||
488 | 112 | |||
489 | 113 | Patches_golang-1.17: | ||
490 | 114 | upstream_golang-1.17: needs-triage | ||
491 | 115 | trusty_golang-1.17: ignored (out of standard support) | ||
492 | 116 | xenial_golang-1.17: ignored (out of standard support) | ||
493 | 117 | bionic_golang-1.17: DNE | ||
494 | 118 | focal_golang-1.17: DNE | ||
495 | 119 | jammy_golang-1.17: needed | ||
496 | 120 | kinetic_golang-1.17: DNE | ||
497 | 121 | devel_golang-1.17: DNE | ||
498 | 122 | |||
499 | 123 | Patches_golang-1.18: | ||
500 | 124 | upstream_golang-1.18: needs-triage | ||
501 | 125 | trusty_golang-1.18: ignored (out of standard support) | ||
502 | 126 | xenial_golang-1.18: ignored (out of standard support) | ||
503 | 127 | bionic_golang-1.18: needed | ||
504 | 128 | focal_golang-1.18: needed | ||
505 | 129 | jammy_golang-1.18: needed | ||
506 | 130 | kinetic_golang-1.18: DNE | ||
507 | 131 | devel_golang-1.18: DNE | ||
508 | 132 | |||
509 | 34 | Patches_golang-1.19: | 133 | Patches_golang-1.19: |
511 | 35 | upstream_golang-1.19: needs-triage | 134 | upstream: https://github.com/golang/go/commit/b1e3ecfa06b67014429a197ec5e134ce4303ad9b |
512 | 135 | upstream_golang-1.19: released (1.19.8-1) | ||
513 | 36 | trusty_golang-1.19: ignored (out of standard support) | 136 | trusty_golang-1.19: ignored (out of standard support) |
514 | 37 | xenial_golang-1.19: ignored (out of standard support) | 137 | xenial_golang-1.19: ignored (out of standard support) |
515 | 38 | bionic_golang-1.19: DNE | 138 | bionic_golang-1.19: DNE |
516 | 39 | focal_golang-1.19: DNE | 139 | focal_golang-1.19: DNE |
517 | 40 | jammy_golang-1.19: DNE | 140 | jammy_golang-1.19: DNE |
518 | 41 | kinetic_golang-1.19: needed | 141 | kinetic_golang-1.19: needed |
520 | 42 | devel_golang-1.19: needs-triage | 142 | devel_golang-1.19: not-affected (1.19.8-1) |
521 | 43 | 143 | ||
522 | 44 | Patches_golang-1.20: | 144 | Patches_golang-1.20: |
523 | 145 | upstream: https://github.com/golang/go/commit/20374d1d759bc4e17486bde1cb9dca5be37d9e52 | ||
524 | 45 | upstream_golang-1.20: released (1.20.3-1) | 146 | upstream_golang-1.20: released (1.20.3-1) |
525 | 46 | trusty_golang-1.20: ignored (out of standard support) | 147 | trusty_golang-1.20: ignored (out of standard support) |
526 | 47 | xenial_golang-1.20: ignored (out of standard support) | 148 | xenial_golang-1.20: ignored (out of standard support) |
527 | @@ -49,4 +150,4 @@ bionic_golang-1.20: DNE | |||
528 | 49 | focal_golang-1.20: DNE | 150 | focal_golang-1.20: DNE |
529 | 50 | jammy_golang-1.20: DNE | 151 | jammy_golang-1.20: DNE |
530 | 51 | kinetic_golang-1.20: DNE | 152 | kinetic_golang-1.20: DNE |
532 | 52 | devel_golang-1.20: needs-triage | 153 | devel_golang-1.20: not-affected (1.20.3-1) |
Hi, I'm triaging some CVE on the golang-1.x packages. It's the first time for me doing such. I just picked the latest 4. If it works for you, I'll continue with other untriaged CVE on golang-1.x packages.