Information on source package golang-1.8

Available versions

ReleaseVersion
stretch1.8.1-1
stretch (security)1.8.1-1+deb9u1

Open issues

BugstretchDescription
CVE-2019-9741vulnerable (no DSA, ignored)An issue was discovered in net/http in Go 1.11.5. CRLF injection is po ...
CVE-2019-9514vulnerable (no DSA, ignored)Some HTTP/2 implementations are vulnerable to a reset flood, potential ...
CVE-2019-9512vulnerable (no DSA, ignored)Some HTTP/2 implementations are vulnerable to ping floods, potentially ...
CVE-2019-17596vulnerable (no DSA, ignored)Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to ...
CVE-2019-16276vulnerable (no DSA, ignored)Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smugglin ...
CVE-2019-14809vulnerable (no DSA, ignored)net/url in Go before 1.11.13 and 1.12.x before 1.12.8 mishandles malfo ...
CVE-2017-8932vulnerable (no DSA, ignored)A bug in the standard library ScalarMult implementation of curve P-256 ...
CVE-2017-15042vulnerable (no DSA, ignored)An unintended cleartext issue exists in Go before 1.8.4 and 1.9.x befo ...
CVE-2017-15041vulnerable (no DSA, ignored)Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command ...

Resolved issues

BugDescription
CVE-2019-6486Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 e ...
CVE-2018-7187The "go get" implementation in Go 1.9.4, when the -insecure command-li ...
CVE-2018-6574Go before 1.8.7, Go 1.9.x before 1.9.4, and Go 1.10 pre-releases befor ...
CVE-2017-1000098The net/http package's Request.ParseMultipartForm method starts writin ...
CVE-2017-1000097On Darwin, user's trust preferences for root certificates were not hon ...

Security announcements

DSA / DLADescription
DSA-4380-1golang-1.8 - security update
Search for package or bug name: Reporting problems