Re: CVE in golang
Hi Tobias,
On Fri, Jan 31, 2020 at 10:07:34PM +0100, Dr. Tobias Quathamer wrote:
> Dear security team,
>
> after some quiet months, it's time again for a
> security issue in golang :-)
>
> CVE-2020-7919
> crypto/x509, x/crypto/cryptobyte: panic in certificate parsing
> Issue: https://github.com/golang/go/issues/36838
>
> I've already uploaded a fixed version (golang-1.13) to unstable and am
> investigating the golang-1.11 version in stable.
Thanks, I just have added a tracking item in the security-tracker for
CVE-2020-7919.
Regards,
Salvatore
Reply to: