Add CVE-2020-16845/go

author: Salvatore Bonaccorso <carnil@debian.org> 2020-08-07 13:33:23 +0200
committer: Salvatore Bonaccorso <carnil@debian.org> 2020-08-07 13:33:23 +0200
commit: 3b9b0c94519010404f47bbdb157a7452f7452aef (patch)
tree: d2b947440abd552d8267cc5f7f80c4a1b60651d1 /data
parent: 9151ec0a867280c851f427337809e48c73fd3773 (diff)
1 files changed, 8 insertions, 1 deletions
diff --git a/data/CVE/2020.list b/data/CVE/2020.list
index 9dff23c189..4ca0e60b30 100644
--- a/data/CVE/2020.list
+++ b/data/CVE/2020.list
@@ -1068,7 +1068,14 @@ CVE-2020-16847 (Extreme Analytics in Extreme Management Center before 8.5.0.169
 CVE-2020-16846
 	RESERVED
 CVE-2020-16845 (Go before 1.13.15 and 14.x before 1.14.7 can have an infinite read loo ...)
-	TODO: check
+	- golang-1.15 <unfixed>
+	- golang-1.14 <unfixed>
+	- golang-1.11 <removed>
+	- golang-1.8 <removed>
+	- golang-1.7 <removed>
+	NOTE: https://groups.google.com/forum/#!topic/golang-announce/NyPIaucMgXo
+	NOTE: https://github.com/golang/go/issues/40618
+	NOTE: Fixed in 1.15~rc2, 1.14.7, 1.13.15
 CVE-2020-16844
 	RESERVED
 CVE-2020-16843 (In Firecracker 0.20.x before 0.20.1 and 0.21.x before 0.21.2, the netw ...)
author	Salvatore Bonaccorso <carnil@debian.org>	2020-08-07 13:33:23 +0200
committer	Salvatore Bonaccorso <carnil@debian.org>	2020-08-07 13:33:23 +0200
commit	3b9b0c94519010404f47bbdb157a7452f7452aef (patch)
tree	d2b947440abd552d8267cc5f7f80c4a1b60651d1 /data
parent	9151ec0a867280c851f427337809e48c73fd3773 (diff)