You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa golang-1.11

Sigurnosni nedostatak programskog paketa golang-1.11

—–BEGIN PGP SIGNED MESSAGE—–
Hash: SHA512

– ————————————————————————-
Debian Security Advisory DSA-4551-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
October 25, 2019 https://www.debian.org/security/faq
– ————————————————————————-

Package : golang-1.11
CVE ID : CVE-2019-17596

Daniel Mandragona discovered that invalid DSA public keys can cause a
panic in dsa.Verify(), resulting in denial of service.

For the stable distribution (buster), this problem has been fixed in
version 1.11.6-1+deb10u3.

We recommend that you upgrade your golang-1.11 packages.

For the detailed security status of golang-1.11 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/golang-1.11

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl2zY1UACgkQEMKTtsN8
TjYOSBAAspwvi+cCzxtzESrnwUf75XQYaF6IwGyZfIbjBY9BvihEvpHmEUAGos/d
aaKXl+FR4v8lah3DpY2g4L6Zr1E9mIAD56qX+77krbLvsZNp64jv+UPZdX8RVLsv
7rqBB/3ipownd3i0PWtEWGLMsLUVi3kdFWY+KS9Cg09CAlWmjCwGvgOKUtuXegIh
ez8+hg0l0eD7mxIUMGFcIBd77z8ySgdb7m0TPFzCg+aw1eZ/euRDFfFthK5pgj7x
oJg70FvXwkzD7G4V9B6FdSPIDMpAF0cvIWy2AwsfVWT7iJh9S4LN7ST/PWfcFceP
kvIUfsRFjz66815Jgltlv6keokmxRLAAredVEnI6oQsAjO7jZ0xhXTf4F5o4G+wO
T14wUbt5orCGpeKHWADZMSIGaX5aQkw87e1sxM6evY1k7JTgHK5dE1ZfJgU/6Jpu
W7rzGSBahNIGAY724fNRpsOpvf6yEK30vNucxmoXdP4HfxajA/nTlbhPAOFOSkvP
XWVRj5DQNhgqs99FjPet8Hft2tOx0FgNhW1nI/8tmVWBKEmIk0LYJ9F//3fMbPJk
FpUxQARSWs08qEWEayK4KvAsy4gMRYYv0QGikcJDlWkDjLRs7CXvyabUnzXLOhtr
KHSzBN3YIYnYFgiRIJAlB5UgAWQC8prKB0dEarYQkNfT7zukwV0=
=+FO3
—–END PGP SIGNATURE—–

Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja, izvršavanje proizvoljnog programskog koda...

Close