Overview Repositories Revisions Requests Users Attributes Meta
Security update for go1.11

This update for go1.11 fixes the following issues:

Security issues fixed:

- CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111).
- CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115).
- CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123).

Bugfixes:

- Update to go version 1.11.13 (bsc#1141688).

This update was imported from the SUSE:SLE-15:Update update project.

Fixed bugs
bnc#1146111
VUL-0: CVE-2019-9512: go: HTTP/2: flood using PING frames results in unbounded memory growth
bnc#1146115
VUL-0: CVE-2019-9514: go: HTTP/2 implementation is vulnerable to a reset flood, potentially leading to a denial of service
bnc#1141688
go1.11 release tracking
bnc#1146123
VUL-0: CVE-2019-14809: go: malformed hosts in URLs leads to authorization bypass
CVE-2019-9514
CVE-2019-9512
CVE-2019-14809
Selected Binaries
openSUSE Build Service is sponsored by
Places