diff options
author | Moritz Muehlenhoff <jmm@debian.org> | 2021-11-16 14:49:00 +0100 |
---|---|---|
committer | Moritz Muehlenhoff <jmm@debian.org> | 2021-11-16 14:49:00 +0100 |
commit | 286369ee674276e0fd3de085ee5a096ca21af9c1 (patch) | |
tree | ec908275ab971f955c279835074e8c2f89722687 | |
parent | 5f14da3b1fbd21646b4bfcbaafa4aee11df6644d (diff) |
NFUS
resolve TODO for older golang versions
-rw-r--r-- | data/CVE/2021.list | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 36cc987f19..0a64f53449 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -5737,19 +5737,19 @@ CVE-2021-41271 (Discourse is a platform for community discussion. In affected ve CVE-2021-41270 RESERVED CVE-2021-41269 (cron-utils is a Java library to define, parse, validate, migrate crons ...) - TODO: check + NOT-FOR-US: cron-utils Java library CVE-2021-41268 RESERVED CVE-2021-41267 RESERVED CVE-2021-41266 (Minio console is a graphical user interface for the for MinIO operator ...) - TODO: check + NOT-FOR-US: Minio console CVE-2021-41265 RESERVED CVE-2021-41264 (OpenZeppelin Contracts is a library for smart contract development. In ...) NOT-FOR-US: OpenZeppelin Contracts CVE-2021-41263 (rails_multisite provides multi-db support for Rails applications. In a ...) - TODO: check + NOT-FOR-US: rails_multisite CVE-2021-41262 RESERVED CVE-2021-41261 @@ -10629,7 +10629,7 @@ CVE-2021-39224 (Nextcloud is an open-source, self-hosted productivity platform. CVE-2021-39223 (Nextcloud is an open-source, self-hosted productivity platform. The Ne ...) NOT-FOR-US: Nextcloud Richdocuments CVE-2021-39222 (Nextcloud is an open-source, self-hosted productivity platform. The Ne ...) - TODO: check + - nextcloud-server <itp> (bug #941708) CVE-2021-39221 (Nextcloud is an open-source, self-hosted productivity platform. The Ne ...) NOT-FOR-US: Nextcloud Contacts CVE-2021-39220 (Nextcloud is an open-source, self-hosted productivity platform The Nex ...) @@ -12824,10 +12824,13 @@ CVE-2021-38298 (Zoho ManageEngine ADManager Plus before 7110 is vulnerable to bl CVE-2021-38297 (Go before 1.16.9 and 1.17.x before 1.17.2 has a Buffer Overflow via la ...) - golang-1.17 1.17.2-1 - golang-1.16 1.16.9-1 + - golang-1.11 <removed> + [buster] - golang-1.11 <no-dsa> (Minor issue) + - golang-1.8 <not-affected> (Vulnerable code not present) + - golang-1.7 <not-affected> (Vulnerable code not present) NOTE: https://github.com/golang/go/commit/77f2750f4398990eed972186706f160631d7dae4 NOTE: https://groups.google.com/g/golang-announce/c/AEBu9j7yj5A NOTE: https://github.com/golang/go/issues/48797 - TODO: check older branches CVE-2021-38296 RESERVED CVE-2021-38295 (In Apache CouchDB, a malicious user with permission to create document ...) |