Hi, On Thu, Sep 26, 2019 at 12:27:37PM +0200, Dr. Tobias Quathamer wrote: > Am 26.09.19 um 12:09 schrieb Dr. Tobias Quathamer: > > Hi, > > > > there is another CVE in golang: > > > > CVE-2019-16276 > > net/textproto: don't normalize headers with spaces before the colon. > > https://github.com/golang/go/issues/34541 > > > > This has been fixed in the latest uploads of golang: > > > > golang-1.12: 1.12.10-1 > > golang-1.13: 1.13.1-1 > > ... oh, and some more information: > > Debian bug #941173 > > golang-1.12: > https://github.com/golang/go/issues/34541 > https://github.com/golang/go/commit/6e6f4aaf70c8b1cc81e65a26332aa9409de03ad8 > > golang-1.13: > https://github.com/golang/go/issues/34542 > https://github.com/golang/go/commit/5a6ab1ec3e678640befebeb3318b746a64ad986c
Thanks! Regards, Salvatore
