CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2015/08/22 02:19:06
Modified files:
lang/go : Tag: OPENBSD_5_8 Makefile
Added files:
lang/go/patches: Tag: OPENBSD_5_8 patch-src_net_http_header_go
patch-src_net_http_readrequest_test_go
patch-src_net_http_transfer_go
patch-src_net_textproto_reader_go
patch-src_net_textproto_reader_test_go
Log message:
backport various security fixes:
- CVE-2015-5739, "Content Length" treated as valid header
- CVE-2015-5740, Double content-length headers does not return 400 error
- CVE-2015-5741, Additional hardening, not sending Content-Length
w/Transfer-Encoding, Closing connections
from upstream git
ok jsing@ (MAINTAINER), czarkoff@
