778e233a1a
data/reports: add GHSA to GO-2020-0026.yaml
...
Aliases: CVE-2018-1103, GHSA-w55j-f7vx-6q37
Updates golang/vulndb#26
Change-Id: Ib3fbb9a0a20fe15fec4c78d2d02277f8c95f8901
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/466137
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
2023-02-07 21:49:48 +00:00
e7e5ce5060
data/reports: add skip_fix to GO-2022-1180.yaml
...
Aliases: CVE-2022-47633, GHSA-m3cq-xcx9-3gvm
Updates golang/vulndb#1180
Change-Id: Ie879d730d352a9329bc7adf36180445bd94846d3
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/466078
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
2023-02-07 21:49:47 +00:00
5de5cebd52
data/reports: add skip_fix / fix formatting for some reports
...
Change-Id: If4cb3f9637dbd4676bfd56e68c55ce44703fe696
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/466077
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
2023-02-07 21:49:45 +00:00
f090099d79
data/reports: fix formatting for GO-2022-1159.yaml
...
Aliases: CVE-2022-4123, GHSA-rprg-4v7q-87v7
Updates golang/vulndb#1159
Change-Id: I712242bc64fec3b69c163278133326883a1e9295
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/466076
Reviewed-by: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
2023-02-07 21:49:44 +00:00
c9193aa05a
tests: correct typos in output
...
Change-Id: I598f3d7af6569559658c27114999e9820bd20485
GitHub-Last-Rev: 474cabb423golang/vulndb#1532
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465695
Reviewed-by: Ian Lance Taylor <iant@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: David Chase <drchase@google.com>
Run-TryBot: Ian Lance Taylor <iant@google.com>
2023-02-07 17:10:18 +00:00
0c997e2d8e
data/reports: run fix on GO-2022-1148.yaml
...
This required running fix with an older version of Go because
some dependencies only work with <1.19.
Aliases: CVE-2022-23492, GHSA-j7qp-mfxf-8xjw
Updates golang/vulndb#1148
Change-Id: I5d3ada1b59f57f3f72157a367ff69028540ec05b
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465815
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-07 16:07:05 +00:00
d7fb56a3ff
data/reports: add skip_fix to some reports
...
These already had vulnerable_at, but fixed failed.
Change-Id: I4f9b2e570b0642566123b6f2f6ed2b4625a9b9bc
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465817
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-07 16:06:37 +00:00
03da7dfb7c
data/reports: fix package in GO-2022-1086.yaml
...
Aliases: CVE-2022-38580, GHSA-f2rj-m42r-6jm2
Updates golang/vulndb#1086
Change-Id: Id66c03865f990f1fe3ccffec7b41573cd679556d
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465816
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-07 16:06:29 +00:00
1ebceada91
data/reports: add vulnerable_at to some reports
...
Change-Id: Ia89b783ab748eb8f51991276d6094e69d8537fa9
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465804
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
2023-02-07 16:06:22 +00:00
49d3317219
data/reports: add vulnerable_at and skip_fix to reports
...
Change-Id: I08411b334417ac17f27c3233df27742dd69906ab
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465803
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-07 16:06:09 +00:00
aceb618704
data/reports: fix versions in GO-2022-0603.yaml
...
Aliases: CVE-2022-28948, GHSA-hp87-p4gw-j4gq
Updates golang/vulndb#603
Change-Id: Ief9269f8943b2e76cdf458965087faf2387adefd
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465802
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-07 16:06:01 +00:00
f01ed42065
data/reports: add vulnerable_at to GO-2022-0569.yaml
...
Aliases: CVE-2022-31836, GHSA-95f9-94vc-665h
Updates golang/vulndb#569
Change-Id: If26ddd1f63c2d82bf4a6e069a1de1945a5b6491d
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465801
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-07 16:05:55 +00:00
93f2ec9290
data/reports: add vulnerable_at to GO-2022-0572.yaml
...
Aliases: CVE-2021-30080, GHSA-28r6-jm5h-mrgg
Updates golang/vulndb#572
Change-Id: Ibbda521c20c8338441f75be66bb8a800a443a325
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465800
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
2023-02-07 16:05:49 +00:00
dbbdb3aa0b
data/reports: add vulnerable_at to GO-2021-0105.yaml
...
Also fixes package name
Aliases: CVE-2020-26265, GHSA-xw37-57qp-9mm4
Updates golang/vulndb#105
Change-Id: I0e15f83d189ba546b7961cd9f2ab055908a9b9cf
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465799
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
2023-02-07 16:05:43 +00:00
72bcb3526a
data/reports: add vulnerable_at to GO-2021-0098.yaml
...
Aliases: CVE-2021-21237, GHSA-cx3w-xqmc-84g5
Updates golang/vulndb#98
Change-Id: I69c91b82b7b477c494c2ef8884b0e8d6e034589e
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465798
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-07 16:05:32 +00:00
b0e70d0a64
data/reports: add vulnerable_at to GO-2021-0097.yaml
...
Aliases: CVE-2020-29242, CVE-2020-29243, CVE-2020-29244, CVE-2020-29245
Updates golang/vulndb#97
Change-Id: I54ddcaae0d9e3be94eaa1998dce9c239a9746415
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465797
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
2023-02-07 16:05:22 +00:00
202a12d5f6
data/reports: add vulnerable_at to GO-2021-0094.yaml
...
Aliases: CVE-2020-29529
Updates golang/vulndb#94
Change-Id: I065e04bfa1434500f74c644e900439099266e06c
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465796
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-07 16:05:03 +00:00
790329ade5
data/reports: add vulnerable_at to GO-2021-0088.yaml
...
Aliases: CVE-2019-3564, GHSA-x4rg-4545-4w7w
Updates golang/vulndb#88
Change-Id: I161e5d2c28b83a9e0b97584c9120aa372244b16d
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465795
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
2023-02-07 16:04:49 +00:00
bbcb7f3159
data/reports: add vulnerable_at to GO-2022-0586.yaml
...
Also adds missing packages and removes unconfirmed "introduced" versions
Aliases: CVE-2022-26945, CVE-2022-30321, CVE-2022-30322, CVE-2022-30323, GHSA-28r2-q6m8-9hpx, GHSA-cjr4-fv6c-f3mv, GHSA-fcgg-rvwg-jv58, GHSA-x24g-9w7v-vprh
Updates golang/vulndb#586
Change-Id: Ib93dbfd87ba248172d757733e2bd4dd8995bf102
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465175
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
2023-02-06 18:31:19 +00:00
eed7737588
data/reports: add vulnerable_at to some reports
...
For reports that had errors, a possible reason is given with a TODO to
revisit. We will begin by adding vulnerable_at to everything (if
possible), and then break up the work to investigate errors.
Change-Id: I350d1ded5185913a6b75e95625e46c7c18aea1e0
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465635
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
2023-02-06 18:23:06 +00:00
0396b36040
data/reports: add vulnerable_at to GO-2020-0032.yaml
...
Aliases: CVE-2019-25073, GHSA-fjgq-224f-fq37
Updates golang/vulndb#32
Change-Id: Ia048bb5e08e96e66a38ebed3f43f7304f2b681a2
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465177
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
2023-02-06 16:21:23 +00:00
f0441fd318
data/reports: add vulnerable_at to GO-2020-0007.yaml
...
Aliases: CVE-2017-18367, GHSA-58v3-j75h-xr49
Updates golang/vulndb#7
Change-Id: I566617e7fd9df18d0fe377847b02d8cbd5ce6ac0
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465176
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Damien Neil <dneil@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
2023-02-06 16:20:01 +00:00
b76345a101
data/reports: add vulnerable_at to GO-2021-0101.yaml
...
Aliases: CVE-2019-0210, GHSA-jq7p-26h5-w78r
Updates golang/vulndb#101
Change-Id: I1b688d09c2608cdd6f13d987c796c0e419179e63
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465183
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
2023-02-06 16:18:38 +00:00
6fdbe6f389
data/reports: add vulnerable_at to GO-2021-0104.yaml
...
Aliases: CVE-2021-28681, GHSA-74xm-qj29-cq8p
Updates golang/vulndb#104
Change-Id: I542dbf322397998463555c5eeac3c950ab2a93c2
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465182
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
2023-02-06 16:18:04 +00:00
a5f78dd22d
data/reports: add vulnerable_at to GO-2021-0106.yaml
...
Aliases: CVE-2020-36566, GHSA-jpf8-h7h7-3ppm
Updates golang/vulndb#106
Change-Id: I20ed408d1797c564aeaedb83603786daefde1c75
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465181
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
2023-02-06 16:16:46 +00:00
a9d74d0f79
data/reports: add vulnerable_at to GO-2021-0113.yaml
...
Aliases: CVE-2021-38561, GHSA-ppp9-7jff-5vj2
Updates golang/vulndb#113
Change-Id: I1b6108e968286216b1e353987e59da0fb9c0acc5
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465180
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-06 16:15:44 +00:00
2fc0ee00d2
data/reports: add vulnerable_at to GO-2021-0227.yaml
...
Aliases: CVE-2020-29652
Updates golang/vulndb#227
Change-Id: I596dd614fab9ec50299d151bf395ca3439601e76
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465179
Reviewed-by: Tim King <taking@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-06 16:15:26 +00:00
751df622de
data/reports: add vulnerable_at to some reports
...
Change-Id: I731920f60f900b06dbc3512c4624dac81caaf2f0
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/465184
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-06 16:14:36 +00:00
b9638e6227
all_test: remove TestMissingReports
...
Updates golang/go#56139
Change-Id: I6288b65cb073730b6069512b0259a0a1e09519ed
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464935
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Zvonimir Pavlinovic <zpavlinovic@google.com>
2023-02-02 21:53:37 +00:00
7876d99c1c
data/reports: add vulnerable_at to GO-2020-0027.yaml
...
Additionally fix packages and symbols
Aliases: CVE-2018-6558, GHSA-qj26-7grj-whg3
Updates golang/vulndb#27
Change-Id: I11bcc36c230158c5e5a334da84d063a7e5e69fb5
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464895
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
2023-02-02 19:37:40 +00:00
47fa79d681
data/reports: apply vulnreport fix to 0113
...
Change-Id: If8300491d03b08130a7fe616ef85f09491810e6e
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464024
Run-TryBot: Tim King <taking@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-02 17:52:29 +00:00
ed38bf91cc
data/reports: apply vulnreport fix to 1184
...
Change-Id: I2627e1036d0168e67d37ef09f17448c3243ee6c1
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464026
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tim King <taking@google.com>
2023-02-02 17:11:54 +00:00
1ecf85566b
data/reports: apply vulnreport fix to 1185 1502
...
Change-Id: I45470468a49e8ab01d1c6bb8dc694da154709470
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464029
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-02 17:11:34 +00:00
7c2e4ff07b
data/reports: apply vulnreport fix to 0368 0940 1100
...
Change-Id: I294e92cc4d96d25fbb667cb3f34a2ee72433431b
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464028
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tim King <taking@google.com>
2023-02-02 17:11:07 +00:00
2ba7d24a0e
data/reports: apply vulnreport fix to 1113
...
Change-Id: I87e18155e7787b8b5fe026b3e838289027797c7f
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464027
Run-TryBot: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
2023-02-02 17:06:34 +00:00
bea303a059
data/reports: apply vulnreport fix to 1143
...
Change-Id: I02e9942cdac8ef12afd5bbb787117d6b88f0d60f
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464025
Run-TryBot: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
2023-02-02 17:05:35 +00:00
6bbce1a38b
data/excluded: batch add GO-2023-1493
...
Fixes golang/vulndb#1493
Change-Id: If2d97c53bd18bdc44b5b3cf5976678454d7e20cd
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464476
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Auto-Submit: Julie Qiu <julieqiu@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
Run-TryBot: Julie Qiu <julie@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Julie Qiu <julieqiu@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-02 16:38:32 +00:00
141e74cebf
data/reports: update GO-2023-1295.yaml
...
Add missing symbols
Fixes golang/vulndb#1295
Change-Id: I76718ce23a11c2ea4dc64fee322ebea67e9f11bd
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464537
Auto-Submit: Julie Qiu <julieqiu@google.com>
Run-TryBot: Julie Qiu <julieqiu@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
2023-02-02 16:37:57 +00:00
c0964740b2
data/reports: update GO-2023-1494.yaml
...
For golang/vulndb#1494
Change-Id: I6d91b7a4c1cb73f3124ab024a6d33190aaf71bdb
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464536
Auto-Submit: Julie Qiu <julieqiu@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Julie Qiu <julieqiu@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
2023-02-02 16:37:54 +00:00
a06b976966
data/reports: add GO-2023-1497.yaml
...
Aliases: CVE-2022-23538, GHSA-7p8m-22h4-9pj7
Fixes golang/vulndb#1497
Change-Id: I9238971a6292d3bdc10bffbef99cb7fc10c5dd40
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464304
Auto-Submit: Julie Qiu <julieqiu@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
Run-TryBot: Julie Qiu <julieqiu@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
2023-02-01 23:23:36 +00:00
97c35d169f
data/reports: add GO-2023-1494.yaml
...
Aliases: CVE-2014-125064, GHSA-g7mw-9pf9-p2pm
Fixes golang/vulndb#1494
Change-Id: Ib99a2e0d06d5163fe17db7e095514d827fda3caf
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464303
Run-TryBot: Julie Qiu <julieqiu@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
Auto-Submit: Julie Qiu <julieqiu@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
2023-02-01 23:23:34 +00:00
25617d6e34
data/reports: add GO-2023-1295.yaml
...
Aliases: CVE-2020-36645, GHSA-3hc7-2xcc-7p8f
Fixes golang/vulndb#1295
Change-Id: I9947d523e7f9aa3b28e0a5b7641e140a858d1216
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464302
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Julie Qiu <julieqiu@google.com>
Auto-Submit: Julie Qiu <julieqiu@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Julie Qiu <julie@golang.org>
Reviewed-by: Julie Qiu <julieqiu@google.com>
2023-02-01 23:19:27 +00:00
06fe3c11c9
data/reports: apply vulnreport fix to populate SkipFix
...
Adding todos for SkipFix fields where needed.
Change-Id: I224e8f9b1cc7a02136c3f9608296dc4378f65cc9
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464017
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Tim King <taking@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
2023-02-01 22:18:28 +00:00
2d19bb57ae
internal/report: adds SkipFix field to Package
...
New SkipFix field on report.Package indicates that a package
should not be automatically updated by vulnreport fix.
vulnreport fix now automatically adds a todo message if this
field and Module.VulnerableAt are both empty.
Lint rules will come later.
Change-Id: I574539362cf334cdc9fee59f036e1de8e5b5bd6e
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464016
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-01 21:39:14 +00:00
766e59ff3a
data/reports: add vulnerable_at to GO-2022-0435.yaml
...
Aliases: CVE-2022-28327
Updates golang/vulndb#435
Change-Id: Ibe158f3a76cee5dcbcb2e50ba841384c01ab5a7e
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/463678
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-02-01 21:25:25 +00:00
30aee1cbc9
data/reports: add missing alias to GO-2023-1495.yaml
...
Aliases: CVE-2022-41721, GHSA-fxg5-wq6x-vr4w
Updates golang/vulndb#1495
Fixes golang/vulndb#1507
Change-Id: I1dec284a79c4e52195d1e07a2d878bb840d50041
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464318
Auto-Submit: Julie Qiu <julieqiu@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
Run-TryBot: Julie Qiu <julieqiu@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
2023-01-31 21:39:17 +00:00
c9eaa27075
data/reports: add missing alias to GO-2022-1144.yaml
...
Aliases: CVE-2022-41717, GHSA-xrjj-mj9h-534m
Updates golang/vulndb#1144
Fixes golang/vulndb#1501
Change-Id: Ib2313bdf9ae45f2f138fcc637392606a60be5759
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464317
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Auto-Submit: Julie Qiu <julieqiu@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Run-TryBot: Julie Qiu <julieqiu@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
2023-01-31 21:39:15 +00:00
395ce963e4
data/excluded: batch add excluded reports
...
Add reports:
- GO-2023-1509
- GO-2023-1506
- GO-2023-1504
- GO-2023-1502
- GO-2023-1492
- GO-2023-1491
- GO-2023-1388
- GO-2023-1377
- GO-2023-1500
- GO-2023-1499
- GO-2023-1498
- GO-2023-1496
- GO-2023-1468
- GO-2023-1466
- GO-2023-1463
- GO-2023-1283
Fixes golang/vulndb#1509
Fixes golang/vulndb#1506
Fixes golang/vulndb#1504
Fixes golang/vulndb#1502
Fixes golang/vulndb#1492
Fixes golang/vulndb#1491
Fixes golang/vulndb#1388
Fixes golang/vulndb#1377
Fixes golang/vulndb#1500
Fixes golang/vulndb#1499
Fixes golang/vulndb#1498
Fixes golang/vulndb#1496
Fixes golang/vulndb#1468
Fixes golang/vulndb#1466
Fixes golang/vulndb#1463
Fixes golang/vulndb#1283
Change-Id: Ibe656933231f6f86ad496bd2d1a6c1c506c504cc
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/464316
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Julie Qiu <julieqiu@google.com>
Run-TryBot: Julie Qiu <julieqiu@google.com>
Auto-Submit: Julie Qiu <julieqiu@google.com>
2023-01-31 21:39:06 +00:00
a7f50feb26
data/reports: fix GO-2021-0085.yaml
...
Add vulnerable_at, symbols, and fix packages
Aliases: CVE-2019-16884, GHSA-fgv8-vj5c-2ppq
Updates golang/vulndb#85
Change-Id: I38fafcb65c74a36cde3add37858ea3fbd606ae51
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/463682
Reviewed-by: Tatiana Bradley <tatianabradley@google.com>
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tim King <taking@google.com>
2023-01-31 19:20:18 +00:00
1a1bb5a2f1
data/reports: add vulnerable_at to GO-2021-0412.yaml
...
Aliases: CVE-2022-24778, GHSA-8v99-48m9-c8pm
Updates golang/vulndb#412
Change-Id: I2bcb4d456b3cffec1439d117221391e1f63e1035
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/463681
Run-TryBot: Tatiana Bradley <tatianabradley@google.com>
Auto-Submit: Tatiana Bradley <tatianabradley@google.com>
Reviewed-by: Tim King <taking@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
2023-01-31 19:20:11 +00:00
Tatiana Bradley
Oleksandr Redko
Zvonimir Pavlinovic
Tim King
Julie Qiu