Download
| Alert*
|
oval:org.secpod.oval:def:203980
The golang packages provide the Go programming language compiler. The following packages have been upgraded to a newer upstream version: golang . Security Fix: * An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable &q ... oval:org.secpod.oval:def:2102408 The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service (infinite loop) via a crafted public key to a program that uses HTTPS client certif ... oval:org.secpod.oval:def:110413 The Go Programming Language. oval:org.secpod.oval:def:110433 The Go Programming Language. oval:org.secpod.oval:def:1600391 An infinite loop in several big integer routines was discovered that makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client authentication or the Go ssh server libraries are both exposed to this vulnerability. oval:org.secpod.oval:def:1900667 The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x before 1.6.1 does not properly check parameters passed to the big integer library, which might allow remote attackers to cause a denial of service via a crafted public key to a program that uses HTTPS client certificates or SSH s ... |
