-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-4848-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 08, 2021 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : golang-1.11 CVE ID : CVE-2020-7919 CVE-2020-15586 CVE-2020-16845 CVE-2021-3114 Multiple security issues were discovered in the implementation of the Go programming language, which could result in denial of service and the P-224 curve implementation could generate incorrect outputs. For the stable distribution (buster), these problems have been fixed in version 1.11.6-1+deb10u4. We recommend that you upgrade your golang-1.11 packages. For the detailed security status of golang-1.11 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/golang-1.11 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmAhq44ACgkQEMKTtsN8 Tjb/zA//bimPMI7YcH01dh2O9GNKXElMu3Ux/i5UuM999CLtz0XSoaqh1gGxfRt4 NFR72e1i1oR/2VZdt5lH5OKBhkX0VA8DgNGv6xC3EM0CZUDyyp2075R0hoyluPqY p9030ffRMvV1T0eTzL6pyZsy2NYd0sKmcS84LweUe0U0J0Ylr3xV5Y1db899ocaN LhBS8RmAjFAK4EgS4GYJdCTTtRKFNzbRslh3ObeyzLfenFHPEv7GMIDyv2rghv2j eYJohjpbojZf6YjirUDPkkkHbHnouUWSYV7ZKG9svjYa5q+04GHIXlBm9DxfbTkt FLt6XJaot3nas2aq1GTGDIl65/BsPgIwLHI34VI+5wcTWwrtdDvJb6Btu2Ocotwz LTEZsGPx3WoC401YzkSl5LO2HlkiSYhgJGdI1pA+IqFwknw8ZLJPnqof1mk295ce CUWC491wBXTv/zojmfND7yY+XaNtkZyrGnFppIhiBnNHHQEED50NeknKbgzeMyXd Hl+7OA0Pwv0cRnit1o81wRxaRnFxpdwJY/Zh+N048R7YZR9/oC5wbLIRpvj4PEC9 MG5erXYCD3HC6MzdETqn69RauwpCd+hSey+tM79F7byTJ/8JkSvWk6fyp4J7nmu3 nFJ5HGC4SR/GVBOC3ePpqkZ1+lcQw3fMeGmphNjcsMDHDiX9fBg= =7k3B -----END PGP SIGNATURE-----