CVEs in golang

2019-08-14 Thread Dr. Tobias Quathamer
Hi, there are a couple of CVEs in golang: CVE-2019-14809: net/url: URL.Parse Multiple Parsing Issues Issue: https://github.com/golang/go/issues/29098 Fixed for golang-1.11: https://github.com/golang/go/commit/c1d9ca70995dc232a2145e3214f94e03409f6fcc Fixed for golang-1.12:

Re: Have I caught a firmware attack in the act? Or am I just paranoid?

2019-08-14 Thread Elmar Stellnberger
Dear Rebecca Am 13.08.19 um 09:14 schrieb Rebecca N. Palmer: (b), physical access attack, would require an attacker breaking into my home.  (It has been several years since I last took the affected flash drive anywhere else or plugged it into any other computer.) If they're willing to do

External check

2019-08-14 Thread Security Tracker
CVE-2019-10199: RESERVED CVE-2019-10201: RESERVED CVE-2019-11250: RESERVED -- The output might be a bit terse, but the above ids are known elsewhere, check the references in the tracker. The second part indicates the status of that id in the tracker at the moment the script was run.