Debian Security Advisory 4534-1

Debian Security Advisory 4534-1: Posted Sep 29, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4534-1 - It was discovered that the Go programming language did accept and normalize invalid HTTP/1.1 headers with a space before the colon, which could lead to filter bypasses or request smuggling in some setups.; tags | advisory, web; systems | linux, debian; advisories | CVE-2019-16276; SHA-256 | 515d09c92323347df95ea4299a8beeffb3a11e9d0696f723a3545b7615130b5d; Download | Favorite | View

Debian Security Advisory 4534-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4534-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 27, 2019                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : golang-1.11
CVE ID         : CVE-2019-16276

It was discovered that the Go programming language did accept and
normalize invalid HTTP/1.1 headers with a space before the colon, which
could lead to filter bypasses or request smuggling in some setups.

For the stable distribution (buster), this problem has been fixed in
version 1.11.6-1+deb10u2.

We recommend that you upgrade your golang-1.11 packages.

For the detailed security status of golang-1.11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/golang-1.11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl2OcbwACgkQEMKTtsN8
TjZIGw//dv4qLKkU85Mih4nGiGln5gAqEilleYttLbYsgEPpEuaHLEDy0cwOPnW8
HLsgzTUHty3eJ6qAe0hf84xfDWwv2xrKUT/LZd66qUjlam9OzvXrjW/+gp22Vi+Q
dOE16y918WbHSbAmfCq865FXHDhBZzj1ixw8cDOgwpDMmBdhjRUP2rkS5Su4+prw
+2QPPs677awRQvwCcSaAQV5qrYUH+XpOmIAfIqND7NiSkf3l/w/5GUj1FUx/MnCw
xwKiaA06VAO5ky2eqWgJ9ToSzgIyqHeeU7DbxFH34TSXdsU84SPWUOGLpySc23Yp
OJ6GAx74tAoWsEx20YYEHj3n3bveHA0NPGVpzTYV9WdS/YUg0mWMjXSWZraogkQB
2d534WOkJwcRecT4fp/g2POod6+8V54y2tHmlLofjbHnjfQ/p9WAlL3kxX7/bKaH
rh1GvjZO8Cplj0CAFnn+NrDnJHMbzR8WzQ61SjW0kZ1TqebDvuWDig2ixJpDelpM
jk5OwZtS+PO2pZiVtdQlIh8LaIY1n7d39R8nQX9GN7Lzg883FefOd2KamPuSx4dK
/Qnj7AX9Gt8z3M+K2xJQ90WhCUTBD7EBznlRYthi9d0+DqaEFLuOCdYqgxTPcqyw
5xXK/ZKCsiRXfDQRu7bPErecQ4zUoNHnr2NPuthzbPcKMcsrGk8=
=I2Ah
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 194 files
Ubuntu 67 files
Debian 24 files
Valentin Lobstein 11 files
nu11secur1ty 8 files
Apple 6 files
Google Security Research 5 files
malvuln 4 files
Ersin Erenler 4 files
E1.Coders 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,011)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,194)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,473)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,437)
UNIX (9,390)
UnixWare (187)
Windows (6,649)
Other

Debian Security Advisory 4534-1

Debian Security Advisory 4534-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4534-1

Share This

Debian Security Advisory 4534-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems