Information on source package golang

Available versions

ReleaseVersion
wheezy2:1.0.2-1.1
wheezy (security)2:1.0.2-1.1+deb7u3
jessie2:1.3.3-1

Open issues

BugwheezyjessieDescription
TEMP-0000000-1C4729vulnerable (no DSA)vulnerable (no DSA)net/http: broken trailers don't close a server connection
CVE-2018-7187fixedvulnerable (no DSA, ignored)The "go get" implementation in Go 1.9.4, when the -insecure ...
CVE-2018-6574vulnerable (no DSA, ignored)vulnerable (no DSA, ignored)Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases before ...
CVE-2017-15042fixedvulnerable (no DSA, ignored)An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x ...
CVE-2017-15041fixedvulnerable (no DSA, ignored)Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command ...
CVE-2017-1000098fixedvulnerable (no DSA, ignored)The net/http package's Request.ParseMultipartForm method starts ...
CVE-2016-3959vulnerable (no DSA)vulnerable (no DSA)The Verify function in crypto/dsa/dsa.go in Go before 1.5.4 and 1.6.x ...
CVE-2015-5741vulnerable (no DSA)vulnerable (no DSA)other discoveries of security-relevant RFC 7230 violations
CVE-2015-5740vulnerable (no DSA)vulnerable (no DSA)The net/http library in net/http/transfer.go in Go before 1.4.3 does ...
CVE-2015-5739vulnerable (no DSA)vulnerable (no DSA)The net/http library in net/textproto/reader.go in Go before 1.4.3 ...

Open unimportant issues

BugwheezyjessieDescription
CVE-2016-5386vulnerablevulnerableThe net/http package in Go through 1.6 does not attempt to address RFC ...

Resolved issues

BugDescription
CVE-2017-8932A bug in the standard library ScalarMult implementation of curve P-256 ...
CVE-2017-1000097On Darwin, user's trust preferences for root certificates were not ...
CVE-2016-3958Untrusted search path vulnerability in Go before 1.5.4 and 1.6.x ...
CVE-2015-8618The Int.Exp Montgomery code in the math/big library in Go 1.5.x before ...
CVE-2014-7189crpyto/tls in Go 1.1 before 1.3.2, when SessionTicketsDisabled is ...

Security announcements

DSA / DLADescription
DLA-1294-1golang - security update
DLA-1148-1golang - security update
DLA-1123-1golang - security update

Search for package or bug name: Reporting problems