[SECURITY] Fedora 29 Update: golang-1.11.13-1.fc29

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-65db7ad6c7 2019-09-06 12:57:51.120623 -------------------------------------------------------------------------------- Name : golang Product : Fedora 29 Version : 1.11.13 Release : 1.fc29 URL : http://golang.org/ Summary : The Go Programming Language Description : The Go Programming Language. -------------------------------------------------------------------------------- Update Information: * Rebase to go1.11.13 * Security fix for CVE-2019-9512, CVE-2019-9514 and CVE-2019-14809 -------------------------------------------------------------------------------- ChangeLog: * Mon Aug 26 2019 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.13-1 - Rebase to 1.11.13 - Fix for CVE-2019-14809, CVE-2019-9514 and CVE-2019-9512 - Resolves: BZ#1741816, BZ#1741827 and BZ#1743131 * Wed Jul 10 2019 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.12-1 - Rebase to 1.11.12 * Thu Jun 13 2019 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.11-1 - Rebase to 1.11.11 * Thu May 16 2019 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.10-1 - Rebase to 1.11.10 * Mon Apr 8 2019 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.7-1 - Rebase to 1.11.7 * Fri Mar 15 2019 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.6-1 - Rebase to 1.11.6 - Fix CVE-2019-9741 - Fix requirement for %preun (instead of %postun) scriptlet thanks to Tim Landscheidt - Use weak deps for SCM deps - Resolves: BZ#1688233 * Sun Jan 27 2019 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.5-1 - Rebase to go1.11.5 - Fix for CVE-2019-6486 - Resolves: BZ#1668973 * Wed Jan 2 2019 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.4-1 - Rebase to go1.11.4 - Fix for CVE-2018-16875, CVE-2018-16874 and CVE-2018-16873 - Resolves: BZ#1659290, BZ#1659289, BZ#1659288 * Mon Nov 5 2018 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.2-1 - Rebase to go1.11.2 * Thu Oct 4 2018 Jakub ��ajka <jcajka(a)redhat.com&gt; - 1.11.1-1 - Rebase to go1.11.1 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1743129 - CVE-2019-14809 golang: malformed hosts in URLs leads to authorization bypass https://bugzilla.redhat.com/show_bug.cgi?id=1743129 [ 2 ] Bug #1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth https://bugzilla.redhat.com/show_bug.cgi?id=1735744 [ 3 ] Bug #1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth https://bugzilla.redhat.com/show_bug.cgi?id=1735645 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-65db7ad6c7' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------