CVE-2021-3538 #691

martinhrvn · 2022-04-28T18:44:01Z

Hi, any chance of releasing new patch version that includes this PR: #690

There is CVE-2021-3538 that was fixed in that PR.

Thanks :)

lance6716 · 2022-04-28T23:57:00Z

@atercattus do you have time to release a new version 😄

atercattus · 2022-04-29T10:17:59Z

OK, I'll do it today 👍

atercattus · 2022-04-30T08:00:13Z

dveeden · 2023-01-30T12:48:21Z

Maybe this should be listed on https://github.com/go-mysql-org/go-mysql/security/advisories ?
I also assume this issue should be closed?

dveeden · 2024-10-27T09:40:36Z

lance6716 · 2024-10-28T02:35:50Z

dveeden · 2024-10-28T07:39:03Z

On the right it says "No known CVE", shouldn't it say "CVE-2021-3538"?

lance6716 · 2024-10-28T07:53:12Z

I'm not sure if that CVE identifier should be only used by github.com/satori/go.uuid . I'll check other repo's security advisories later 😂

lance6716 · 2024-10-28T10:31:34Z

It's hard to find a reference that I can follow their action. Most repo does not publish security advisories 😂

dveeden · 2024-10-28T10:55:30Z

Let's leave it as is for now

lance6716 closed this as completed Oct 28, 2024

Provide feedback