Summary: | <dev-lang/go-1.9.4: arbitrary code execution during go get (CVE-2018-6574) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | williamh |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/golang/go/issues/23672 | ||
Whiteboard: | B2 [glsa+ cve] | ||
Package list: |
dev-lang/go-1.9.4
|
Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
2018-02-10 20:31:54 UTC
dev-lang/go-1.9.4 is in the tree and stable on amd64. @ Arches, please test and mark stable: =dev-lang/go-1.9.4 x86 stable arm stable, all arches done. Thank you all, GLSA Request filed. @Maintainer please proceed to clean up the tree. @ Maintainer(s): Please cleanup and drop <dev-lang/go-1.9.4! This issue was resolved and addressed in GLSA 201803-03 at https://security.gentoo.org/glsa/201803-03 by GLSA coordinator Thomas Deutschmann (whissi). Re-opening for pending cleanup. arm stable, all arches done. @Maintainer proceed to remove vulnerable versions. Thank you All versions < 1.9.4 have been removed. |