Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

security: fix CVE-2022-2879 #54853

Open
neild opened this issue Sep 3, 2022 · 3 comments
Open

security: fix CVE-2022-2879 #54853

neild opened this issue Sep 3, 2022 · 3 comments
Assignees
Labels
NeedsFix The path to resolution is known, but the work has not been done. release-blocker Security
Milestone

Comments

@neild
Copy link
Contributor

neild commented Sep 3, 2022

This is a PRIVATE issue for CVE-2022-2879 tracked in http://b/242554398.

@neild neild added the Security label Sep 3, 2022
@neild neild self-assigned this Sep 3, 2022
@seankhliao seankhliao added this to the Go1.20 milestone Sep 3, 2022
@neild neild modified the milestones: Go1.20, Go1.19.2 Sep 22, 2022
@neild neild assigned rolandshoemaker and unassigned neild Sep 22, 2022
@rolandshoemaker
Copy link
Member

rolandshoemaker commented Sep 28, 2022

@gopherbot please open backport issues.

@gopherbot
Copy link

gopherbot commented Sep 28, 2022

Backport issue(s) opened: #55925 (for 1.18), #55926 (for 1.19).

Remember to create the cherry-pick CL(s) as soon as the patch is submitted to master, according to https://go.dev/wiki/MinorReleases.

@dmitshur
Copy link
Contributor

dmitshur commented Sep 29, 2022

Moving back to Go1.20 milestone. (Go1.19.2 now has #55926 backport issue.)

@dmitshur dmitshur modified the milestones: Go1.19.2, Go1.20 Sep 29, 2022
@dmitshur dmitshur added the NeedsFix The path to resolution is known, but the work has not been done. label Sep 29, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
NeedsFix The path to resolution is known, but the work has not been done. release-blocker Security
Projects
None yet
Development

No branches or pull requests

5 participants