This update for go1.15 fixes the following issues: Update to 1.15.13. Includes these security fixes - CVE-2021-33195: net: Lookup functions may return invalid host names . - CVE-2021-33196: archive/zip: malformed archive may cause panic or memory exhaustion . - CVE-2021-33197: net/http/httputil: ReverseProxy forwards Connection headers if first one is empty - CVE-2021-33198: math/big: .SetString with 1.770p02041010010011001001 crashes with makeslice: len out of range .