| Release | Version |
|---|---|
| jessie | 0.0~hg190-1 |
| jessie (security) | 0.0~hg190-1+deb8u1 |
| stretch | 1:0.0~git20170407.0.55a552f+REALLY.0.0~git20161012.0.5f31782-1 |
| buster | 1:0.0~git20181203.505ab14-1 |
| bullseye | 1:0.0~git20190701.4def268-1 |
| sid | 1:0.0~git20190701.4def268-1 |
| Bug | jessie | stretch | buster | bullseye | sid | Description |
|---|---|---|---|---|---|---|
| CVE-2019-11841 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | A message-forgery issue was discovered in crypto/openpgp/clearsign/cle ... |
| CVE-2019-11840 | fixed | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in supplementary Go cryptography libraries, ak ... |
| CVE-2017-3204 | vulnerable (no DSA, ignored) | fixed | fixed | fixed | fixed | The Go SSH library (x/crypto/ssh) by default does not verify host keys ... |
| DSA / DLA | Description |
|---|---|
| DLA-1840-1 | golang-go.crypto - security update |