[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1123-1] golang security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : golang
Version        : 2:1.0.2-1.1+deb7u1
CVE ID         : CVE-2017-1000098

It was discovered that there was an issue in the Go programming language
library where an attacker could generate a MIME request such that the
server ran out of file descriptors.

For Debian 7 "Wheezy", this issue has been fixed in golang version
2:1.0.2-1.1+deb7u1.

We recommend that you upgrade your golang packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb
     `. `'`      lamby@debian.org / chris-lamb.co.uk
       `-

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlnXNbUACgkQHpU+J9Qx
HlgPcA//Zae0FyA44qCpL+1TFGB8MGcy0At2S1qm0wXCLKEB+MPrIGKYefkHMSFr
h/ixok2/l6On/Uj1I5RVxNj52wgEpqsphhpf3g13KcffxEnUzECy+GdRvgRtoYUS
76xskx5nsLuV5tfOnub2uMP1+FjZc/FuX/V+Npt3axtt5UFAiwUTjD6McIxQUTTa
Douh4hOrm8qfi0m0jbC1L8ULpAIZ9+OFTbFC97SkVLnniFnBiRQPkqwYcQvJI6Gm
SLMZ7zTidozwtNf5tcGODld/xy6SpzBGPU1AJJk2ojlgCgxyy/aINz6vN0YdPi32
A1HcigYjl+d4NJ5b/pRr6dfEitd2eQ5Q5cRZNmKU/4S/9JMeVllOKbfGXd1voAwv
w5wyG+qtqqsF79n/4Sxwq4xctAmaOaj6Ziu7hv6gpqUO8Tu7xxXl6VevMTWifnq8
mDF/y+fpAk4LWMWACf9fXlk7v5NEuZnSB0DRtP8E6iigCZvc+DRCtdjRWtXAlFCv
sWrFLGg3CJz3s4Pt/EZdbLN9+XP9p/FEfV+ieFvIwCauMfcqRT7lv6LU6SSU2eIg
X12qWeuigdY+GgOC0cXiYw5BAF896QRb3kIxZREMwVriB/d4UE8MTXcJ3Ogw3D8/
roWw6W1JeeF760qxsCguJxa/bZ6usz7u5cuh8HgIhJwZiDbjKzU=
=QYpj
-----END PGP SIGNATURE-----


Reply to: