Debian Security Advisory 4534-1

Debian Security Advisory 4534-1: Posted Sep 29, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4534-1 - It was discovered that the Go programming language did accept and normalize invalid HTTP/1.1 headers with a space before the colon, which could lead to filter bypasses or request smuggling in some setups.; tags | advisory, web; systems | linux, debian; advisories | CVE-2019-16276; SHA-256 | 515d09c92323347df95ea4299a8beeffb3a11e9d0696f723a3545b7615130b5d; Download | Favorite | View

Debian Security Advisory 4534-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4534-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 27, 2019                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : golang-1.11
CVE ID         : CVE-2019-16276

It was discovered that the Go programming language did accept and
normalize invalid HTTP/1.1 headers with a space before the colon, which
could lead to filter bypasses or request smuggling in some setups.

For the stable distribution (buster), this problem has been fixed in
version 1.11.6-1+deb10u2.

We recommend that you upgrade your golang-1.11 packages.

For the detailed security status of golang-1.11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/golang-1.11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl2OcbwACgkQEMKTtsN8
TjZIGw//dv4qLKkU85Mih4nGiGln5gAqEilleYttLbYsgEPpEuaHLEDy0cwOPnW8
HLsgzTUHty3eJ6qAe0hf84xfDWwv2xrKUT/LZd66qUjlam9OzvXrjW/+gp22Vi+Q
dOE16y918WbHSbAmfCq865FXHDhBZzj1ixw8cDOgwpDMmBdhjRUP2rkS5Su4+prw
+2QPPs677awRQvwCcSaAQV5qrYUH+XpOmIAfIqND7NiSkf3l/w/5GUj1FUx/MnCw
xwKiaA06VAO5ky2eqWgJ9ToSzgIyqHeeU7DbxFH34TSXdsU84SPWUOGLpySc23Yp
OJ6GAx74tAoWsEx20YYEHj3n3bveHA0NPGVpzTYV9WdS/YUg0mWMjXSWZraogkQB
2d534WOkJwcRecT4fp/g2POod6+8V54y2tHmlLofjbHnjfQ/p9WAlL3kxX7/bKaH
rh1GvjZO8Cplj0CAFnn+NrDnJHMbzR8WzQ61SjW0kZ1TqebDvuWDig2ixJpDelpM
jk5OwZtS+PO2pZiVtdQlIh8LaIY1n7d39R8nQX9GN7Lzg883FefOd2KamPuSx4dK
/Qnj7AX9Gt8z3M+K2xJQ90WhCUTBD7EBznlRYthi9d0+DqaEFLuOCdYqgxTPcqyw
5xXK/ZKCsiRXfDQRu7bPErecQ4zUoNHnr2NPuthzbPcKMcsrGk8=
=I2Ah
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 213 files
indoushka 118 files
Ubuntu 88 files
Gentoo 33 files
Debian 25 files
Jasper Nota 25 files
Willem Westerhof 19 files
Jim Blankendaal 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,107)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,567)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,890)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,615)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,777)
UNIX (9,440)
UnixWare (187)
Windows (6,676)
Other

Debian Security Advisory 4534-1

Debian Security Advisory 4534-1

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4534-1

Share This

Debian Security Advisory 4534-1

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems