Track fixed version for golang-1.18 CVE-2022-23806 CVE-2022-23773 via unstable

author: Shengjing Zhu <zhsj@debian.org> 2022-02-18 01:48:47 +0800
committer: Shengjing Zhu <zhsj@debian.org> 2022-02-18 01:48:47 +0800
commit: df43b1ae3d4a7a0b4d17869b04d98e371844367b (patch)
tree: 39c28feba099e318f879fb965a8616af6803a52a
parent: 83439d94e6ad9408b67235545aeeddedf742157c (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/data/CVE/list.2022 b/data/CVE/list.2022
index 0ba3c287d6..a731af36c8 100644
--- a/data/CVE/list.2022
+++ b/data/CVE/list.2022
@@ -4112,7 +4112,7 @@ CVE-2022-23807 (An issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 b
 	NOTE: https://salsa.debian.org/phpmyadmin-team/phpmyadmin/-/issues/3 (missing 2FA packages)
 	NOTE: 2FA support is not packaged in Debian
 CVE-2022-23806 (Curve.IsOnCurve in crypto/elliptic in Go before 1.16.14 and 1.17.x bef ...)
-	- golang-1.18 <unfixed>
+	- golang-1.18 1.18~rc1-1
 	- golang-1.17 1.17.7-1
 	- golang-1.15 <removed>
 	[bullseye] - golang-1.15 <no-dsa> (Minor issue)
@@ -4228,7 +4228,7 @@ CVE-2022-23775
 CVE-2022-23774 (Docker Desktop before 4.4.4 on Windows allows attackers to move arbitr ...)
 	NOT-FOR-US: Docker Desktop
 CVE-2022-23773 (cmd/go in Go before 1.16.14 and 1.17.x before 1.17.7 can misinterpret  ...)
-	- golang-1.18 <unfixed>
+	- golang-1.18 1.18~rc1-1
 	- golang-1.17 1.17.7-1
 	- golang-1.15 <removed>
 	[bullseye] - golang-1.15 <no-dsa> (Minor issue)
author	Shengjing Zhu <zhsj@debian.org>	2022-02-18 01:48:47 +0800
committer	Shengjing Zhu <zhsj@debian.org>	2022-02-18 01:48:47 +0800
commit	df43b1ae3d4a7a0b4d17869b04d98e371844367b (patch)
tree	39c28feba099e318f879fb965a8616af6803a52a
parent	83439d94e6ad9408b67235545aeeddedf742157c (diff)