diff options
author | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-04 08:58:34 +0200 |
---|---|---|
committer | Salvatore Bonaccorso <carnil@debian.org> | 2020-07-04 08:58:34 +0200 |
commit | ee6d7ac941017a956512777abfbe588e9060aebc (patch) | |
tree | d30ccd4cf23aa9856e6e39284516c514787c5273 /data | |
parent | b0e619b456bc81f11fcdc8ca8394bdf3b4307afa (diff) |
Add CVE-2020-14040/golang-x-text
Question to reviewers: Why are there actually both source packages?
Should one be dropped in Debian?
Diffstat (limited to 'data')
-rw-r--r-- | data/CVE/list | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/data/CVE/list b/data/CVE/list index 935b20ae26..fc1afcb8d1 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -3542,7 +3542,11 @@ CVE-2020-14042 CVE-2020-14041 RESERVED CVE-2020-14040 (Go version v0.3.3 of the x/text package fixes a vulnerability in encod ...) - TODO: check + - golang-golang-x-text <unfixed> + - golang-x-text <unfixed> + NOTE: https://github.com/golang/go/issues/39491 + NOTE: https://go.googlesource.com/text/+/23ae387dee1f90d29a23c0e87ee0b46038fbed0e + NOTE: https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0 CVE-2020-14039 RESERVED CVE-2020-XXXX [Editor: Ensure latest comments can only be viewed from public posts] |