Microsoft’s brief advisory language should be read carefully: Azure Linux is the product Microsoft has publicly attested as including the vulnerable golang.org/x/net/html component for CVE‑2023‑3978, but that attestation is a scoped inventory statement — not a mathematical proof that no other...