Information on source package golang-go.crypto

Available versions

ReleaseVersion
jessie0.0~hg190-1+deb8u2
stretch1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1+deb8u1
buster1:0.0~git20181203.505ab14-1
buster (security)1:0.0~git20181203.505ab14-1+deb10u1
bullseye1:0.0~git20201221.eec23a3-1
bookworm1:0.4.0-1
trixie1:0.21.0-1
sid1:0.21.0-1

Open issues

BugjessiestretchbusterbullseyebookwormtrixiesidDescription
CVE-2023-48795vulnerablevulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)vulnerable (no DSA)fixedfixedThe SSH transport protocol with certain OpenSSH extensions, found in O ...
CVE-2022-27191vulnerablevulnerablevulnerable (no DSA, postponed)vulnerable (no DSA)fixedfixedfixedThe golang.org/x/crypto/ssh package before 0.0.0-20220314234659-1baeb1 ...
CVE-2021-43565vulnerablevulnerable (no DSA, postponed)vulnerable (no DSA, postponed)vulnerable (no DSA)fixedfixedfixedThe x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of g ...
CVE-2020-29652vulnerablefixedfixedfixedfixedfixedfixedA nil pointer dereference in the golang.org/x/crypto/ssh component thr ...
CVE-2020-9283vulnerable (no DSA)fixedfixedfixedfixedfixedfixedgolang.org/x/crypto before v0.0.0-20200220183623-bac4c82f6975 for Go a ...
CVE-2017-3204vulnerable (no DSA, ignored)fixedfixedfixedfixedfixedfixedThe Go SSH library (x/crypto/ssh) by default does not verify host keys ...

Resolved issues

BugDescription
CVE-2019-11841A message-forgery issue was discovered in crypto/openpgp/clearsign/cle ...
CVE-2019-11840An issue was discovered in supplementary Go cryptography libraries, ak ...

Security announcements

DSA / DLADescription
DLA-3455-1golang-go.crypto - security update
DLA-2402-1golang-go.crypto - security update
DLA-1920-1golang-go.crypto - security update
DLA-1840-1golang-go.crypto - security update
Search for package or bug name: Reporting problems