Описание
ELSA-2019-1519: go-toolset:rhel8 security update (MODERATE)
go-toolset [1.11.5-2]
- Include patch to fix CVE-2019-9741
- Resolves: rhbz#1690443
golang [1.11.5-2]
- Include patch to fix CVE-2019-9741
- Resolves: rhbz#1690443
[1.11.5-2]
- Switch to pagure fork for Go FIPS
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module go-toolset:ol8 is enabled
go-toolset
1.11.5-2.module+el8.0.0+5230+75360568
golang
1.11.5-2.module+el8.0.0+5230+75360568
golang-bin
1.11.5-2.module+el8.0.0+5230+75360568
golang-docs
1.11.5-2.module+el8.0.0+5230+75360568
golang-misc
1.11.5-2.module+el8.0.0+5230+75360568
golang-src
1.11.5-2.module+el8.0.0+5230+75360568
golang-tests
1.11.5-2.module+el8.0.0+5230+75360568
Oracle Linux x86_64
Module go-toolset:ol8 is enabled
go-toolset
1.11.5-2.module+el8.0.0+5230+75360568
golang
1.11.5-2.module+el8.0.0+5230+75360568
golang-bin
1.11.5-2.module+el8.0.0+5230+75360568
golang-docs
1.11.5-2.module+el8.0.0+5230+75360568
golang-misc
1.11.5-2.module+el8.0.0+5230+75360568
golang-race
1.11.5-2.module+el8.0.0+5230+75360568
golang-src
1.11.5-2.module+el8.0.0+5230+75360568
golang-tests
1.11.5-2.module+el8.0.0+5230+75360568
Связанные CVE
Связанные уязвимости
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.
An issue was discovered in net/http in Go 1.11.5. CRLF injection is po ...