drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in golang-1.11
Name: |
Denial of Service in golang-1.11 |
|
ID: |
DSA-4551-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian buster |
|
Datum: |
Sa, 26. Oktober 2019, 09:23 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-17596 |
|
Applikationen: |
Go |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4551-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 25, 2019 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : golang-1.11 CVE ID : CVE-2019-17596
Daniel Mandragona discovered that invalid DSA public keys can cause a panic in dsa.Verify(), resulting in denial of service.
For the stable distribution (buster), this problem has been fixed in version 1.11.6-1+deb10u3.
We recommend that you upgrade your golang-1.11 packages.
For the detailed security status of golang-1.11 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/golang-1.11
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl2zY1UACgkQEMKTtsN8 TjYOSBAAspwvi+cCzxtzESrnwUf75XQYaF6IwGyZfIbjBY9BvihEvpHmEUAGos/d aaKXl+FR4v8lah3DpY2g4L6Zr1E9mIAD56qX+77krbLvsZNp64jv+UPZdX8RVLsv 7rqBB/3ipownd3i0PWtEWGLMsLUVi3kdFWY+KS9Cg09CAlWmjCwGvgOKUtuXegIh ez8+hg0l0eD7mxIUMGFcIBd77z8ySgdb7m0TPFzCg+aw1eZ/euRDFfFthK5pgj7x oJg70FvXwkzD7G4V9B6FdSPIDMpAF0cvIWy2AwsfVWT7iJh9S4LN7ST/PWfcFceP kvIUfsRFjz66815Jgltlv6keokmxRLAAredVEnI6oQsAjO7jZ0xhXTf4F5o4G+wO T14wUbt5orCGpeKHWADZMSIGaX5aQkw87e1sxM6evY1k7JTgHK5dE1ZfJgU/6Jpu W7rzGSBahNIGAY724fNRpsOpvf6yEK30vNucxmoXdP4HfxajA/nTlbhPAOFOSkvP XWVRj5DQNhgqs99FjPet8Hft2tOx0FgNhW1nI/8tmVWBKEmIk0LYJ9F//3fMbPJk FpUxQARSWs08qEWEayK4KvAsy4gMRYYv0QGikcJDlWkDjLRs7CXvyabUnzXLOhtr KHSzBN3YIYnYFgiRIJAlB5UgAWQC8prKB0dEarYQkNfT7zukwV0= =+FO3 -----END PGP SIGNATURE-----
|
|
|
|