From 949dcd3e10dea7e0f94ac055a82c2ab7438dc2ee Mon Sep 17 00:00:00 2001 From: Sylvain Beucler Date: Fri, 21 Jan 2022 21:58:34 +0100 Subject: Reserve DLA-2891-1 for golang-1.8 --- data/CVE/list | 1 - data/DLA/list | 3 +++ data/dla-needed.txt | 3 --- 3 files changed, 3 insertions(+), 4 deletions(-) diff --git a/data/CVE/list b/data/CVE/list index c447674dcd..1bd994b93c 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -41270,7 +41270,6 @@ CVE-2021-33196 (In archive/zip in Go before 1.15.13 and 1.16.x before 1.16.5, a - golang-1.11 [buster] - golang-1.11 (Minor issue) - golang-1.8 - [stretch] - golang-1.8 (Minor issue, OOM, requires rebuilding reverse-dependencies) - golang-1.7 [stretch] - golang-1.7 (Minor issue, OOM, requires rebuilding reverse-dependencies) NOTE: https://github.com/golang/go/issues/46242 diff --git a/data/DLA/list b/data/DLA/list index 3261359c34..0e50636ad6 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[21 Jan 2022] DLA-2891-1 golang-1.8 - security update + {CVE-2021-33196 CVE-2021-36221 CVE-2021-39293 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717} + [stretch] - golang-1.8 1.8.1-1+deb9u4 [21 Jan 2022] DLA-2890-1 libspf2 - security update {CVE-2021-33912 CVE-2021-33913} [stretch] - libspf2 1.2.10-7+deb9u2 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 738432efab..ea284c947e 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -53,9 +53,6 @@ gif2apng golang-1.7 (Sylvain Beucler) NOTE: 20220114: harmonize with bullseye-11.2 (CVE-2021-36221 CVE-2021-39293 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717) (Beuc) -- -golang-1.8 (Sylvain Beucler) - NOTE: 20220114: harmonize with bullseye-11.2 (CVE-2021-36221 CVE-2021-39293 CVE-2021-41771 CVE-2021-44716 CVE-2021-44717) (Beuc) --- gpac (Roberto C. Sánchez) NOTE: 20211101: coordinating with secteam for s-p-u since stretch/buster versions match (roberto) NOTE: 20211120: received OK from secteam for buster update, working on stretch/buster in parallel (roberto) -- cgit v1.2.3