Hi, there are a couple of CVEs in golang: CVE-2019-14809: net/url: URL.Parse Multiple Parsing Issues Issue: https://github.com/golang/go/issues/29098 Fixed for golang-1.11: https://github.com/golang/go/commit/c1d9ca70995dc232a2145e3214f94e03409f6fcc Fixed for golang-1.12: https://github.com/golang/go/commit/3226f2d492963d361af9dfc6714ef141ba606713 CVE-2019-9512, CVE-2019-9514 net/http, x/net/http2: Denial of Service vulnerabilities in the HTTP/2 implementation Issue: https://github.com/golang/go/issues/33606 Fixed for golang-1.11: https://github.com/golang/go/commit/e152b01a468a1c18a290bf9aec52ccea7693c7f2 Fixed for golang-1.12: https://github.com/golang/go/commit/7139b45d1410ded14e1e131151fd8dfc435ede6c Regards, Tobias
Attachment:
signature.asc
Description: OpenPGP digital signature