Описание
ELSA-2025-8477: golang security update (MODERATE)
[1.23.9-1]
- Update to 1.23.9
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
go-toolset
1.23.9-1.el10_0
golang
1.23.9-1.el10_0
golang-bin
1.23.9-1.el10_0
golang-docs
1.23.9-1.el10_0
golang-misc
1.23.9-1.el10_0
golang-src
1.23.9-1.el10_0
golang-tests
1.23.9-1.el10_0
Oracle Linux x86_64
go-toolset
1.23.9-1.el10_0
golang
1.23.9-1.el10_0
golang-bin
1.23.9-1.el10_0
golang-docs
1.23.9-1.el10_0
golang-misc
1.23.9-1.el10_0
golang-src
1.23.9-1.el10_0
golang-tests
1.23.9-1.el10_0
Связанные CVE
Связанные уязвимости
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext.
Request smuggling due to acceptance of invalid chunked data in net/http
The net/http package improperly accepts a bare LF as a line terminator ...