-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2019-55d101a740 2019-09-06 12:30:29.163589 --------------------------------------------------------------------------------
Name : golang Product : Fedora 30 Version : 1.12.9 Release : 1.fc30 URL : http://golang.org/ Summary : The Go Programming Language Description : The Go Programming Language.
-------------------------------------------------------------------------------- Update Information:
* Rebase to go1.12.9 * Security fix for CVE-2019-9512, CVE-2019-9514 and CVE-2019-14809 -------------------------------------------------------------------------------- ChangeLog:
* Mon Aug 26 2019 Jakub ��ajka jcajka@redhat.com - 1.12.9-1 - Rebase to 1.12.9 - Fix for CVE-2019-14809, CVE-2019-9514 and CVE-2019-9512 - Resolves: BZ#1741816, BZ#1741827 and BZ#1743131 * Tue Jul 9 2019 Jakub ��ajka jcajka@redhat.com - 1.12.7-1 - Rebase to 1.12.7 - Resolves: BZ#1728056 * Wed Jun 12 2019 Jakub ��ajka jcajka@redhat.com - 1.12.6-1 - Rebase to 1.12.6 - Resolves: BZ#1719483 * Tue May 7 2019 Jakub ��ajka jcajka@redhat.com - 1.12.5-1 - Rebase to 1.12.5 - Resolves: BZ#1707187 -------------------------------------------------------------------------------- References:
[ 1 ] Bug #1743129 - CVE-2019-14809 golang: malformed hosts in URLs leads to authorization bypass https://bugzilla.redhat.com/show_bug.cgi?id=1743129 [ 2 ] Bug #1735744 - CVE-2019-9514 HTTP/2: flood using HEADERS frames results in unbounded memory growth https://bugzilla.redhat.com/show_bug.cgi?id=1735744 [ 3 ] Bug #1735645 - CVE-2019-9512 HTTP/2: flood using PING frames results in unbounded memory growth https://bugzilla.redhat.com/show_bug.cgi?id=1735645 --------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2019-55d101a740' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------
package-announce@lists.fedoraproject.org