-
Notifications
You must be signed in to change notification settings - Fork 65
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Includes fixes for security vulnerabilities: * [CVE-2022-27664](GHSA-69cg-p879-7622) net/http: handle server errors after sending GOAWAY * [CVE-2022-32190](golang/go#54385) net/url: JoinPath does not strip relative path components in all circumstances * [CVE-2022-2879](golang/go#54853) archive/tar: unbounded memory consumption when reading headers * [CVE-2022-2880](golang/go#54663) net/http/httputil: ReverseProxy should not forward unparseable query parameters * [CVE-2022-41715](golang/go#55949) regexp/syntax: limit memory used by parsing regexps Addresses the build failure: * openwrt/packages#19613 Signed-off-by: Stanislav Petrashov <s@petrashov.ru> (cherry picked from commit 0ad7a2f)
- Loading branch information
Showing
2 changed files
with
12 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters