--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2019-65db7ad6c7
2019-09-06 12:57:51.120623
--------------------------------------------------------------------------------
Name : golang
Product : Fedora 29
Version : 1.11.13
Release : 1.fc29
URL :
http://golang.org/
Summary : The Go Programming Language
Description :
The Go Programming Language.
--------------------------------------------------------------------------------
Update Information:
* Rebase to go1.11.13 * Security fix for CVE-2019-9512, CVE-2019-9514 and
CVE-2019-14809
--------------------------------------------------------------------------------
ChangeLog:
* Mon Aug 26 2019 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.13-1
- Rebase to 1.11.13
- Fix for CVE-2019-14809, CVE-2019-9514 and CVE-2019-9512
- Resolves: BZ#1741816, BZ#1741827 and BZ#1743131
* Wed Jul 10 2019 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.12-1
- Rebase to 1.11.12
* Thu Jun 13 2019 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.11-1
- Rebase to 1.11.11
* Thu May 16 2019 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.10-1
- Rebase to 1.11.10
* Mon Apr 8 2019 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.7-1
- Rebase to 1.11.7
* Fri Mar 15 2019 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.6-1
- Rebase to 1.11.6
- Fix CVE-2019-9741
- Fix requirement for %preun (instead of %postun) scriptlet thanks to Tim Landscheidt
- Use weak deps for SCM deps
- Resolves: BZ#1688233
* Sun Jan 27 2019 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.5-1
- Rebase to go1.11.5
- Fix for CVE-2019-6486
- Resolves: BZ#1668973
* Wed Jan 2 2019 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.4-1
- Rebase to go1.11.4
- Fix for CVE-2018-16875, CVE-2018-16874 and CVE-2018-16873
- Resolves: BZ#1659290, BZ#1659289, BZ#1659288
* Mon Nov 5 2018 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.2-1
- Rebase to go1.11.2
* Thu Oct 4 2018 Jakub ��ajka <jcajka(a)redhat.com> - 1.11.1-1
- Rebase to go1.11.1
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #1743129 - CVE-2019-14809 golang: malformed hosts in URLs leads to
authorization bypass
https://bugzilla.redhat.com/show_bug.cgi?id=1743129
[ 2 ] Bug #1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in
unbounded memory growth
https://bugzilla.redhat.com/show_bug.cgi?id=1735744
[ 3 ] Bug #1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded
memory growth
https://bugzilla.redhat.com/show_bug.cgi?id=1735645
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-65db7ad6c7' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------