Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Maintenance:5384
patchinfo
_patchinfo
Overview
Details
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo
<patchinfo incident="5384"> <packager>MargueriteSu</packager> <issue tracker="cve" id="2015-5741"></issue> <issue tracker="cve" id="2015-5740"></issue> <issue tracker="cve" id="2015-5739"></issue> <issue tracker="bnc" id="989630">VUL-0: CVE-2015-5739,CVE-2015-5740,CVE-2015-5741: go: HTTP request smuggling in net/http library</issue> <category>security</category> <rating>moderate</rating> <summary>Security update for go</summary> <description>This update for go fixes the following issues: - CVE-2015-5739: "Content Length" treated as valid header - CVE-2015-5740: Double content-length headers does not return 400 error - CVE-2015-5741: Additional hardening, not sending Content-Length w/Transfer-Encoding, Closing connections Go was updated to 1.4.3 with the following additional changes: - build: remove -Werror from cmd/dist - runtime: panic when accessing an empty struct value appended to an uninitialized slice - runtime: garbage collector found invalid heap pointer iterating over map </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor