Hi, there is another CVE in golang: CVE-2019-16276 net/textproto: don't normalize headers with spaces before the colon. https://github.com/golang/go/issues/34541 This has been fixed in the latest uploads of golang: golang-1.12: 1.12.10-1 golang-1.13: 1.13.1-1 For the stable distribution, I'll prepare an upload for golang-1.11 and will contact the security team to get a permission. The fixed upload will most likely be version 1.11.6-1+deb10u2. Regards, Tobias
Attachment:
signature.asc
Description: OpenPGP digital signature