Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump Golang 1.10.6 (CVE-2018-16875) #15

Merged
merged 1 commit into from Dec 14, 2018

Conversation

Projects
None yet
1 participant
@thaJeztah
Copy link
Member

commented Dec 14, 2018

go1.10.6 (released 2018/12/14)

  • crypto/x509: CPU denial of service in chain validation golang/go#29233
  • cmd/go: directory traversal in "go get" via curly braces in import paths golang/go#29231
  • cmd/go: remote command execution during "go get -u" golang/go#29230

See the Go 1.10.6 milestone on the issue tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.10.6

Signed-off-by: Sebastiaan van Stijn github@gone.nl

Bump Golang 1.10.6 (CVE-2018-16875)
go1.10.6 (released 2018/12/14)

- crypto/x509: CPU denial of service in chain validation golang/go#29233
- cmd/go: directory traversal in "go get" via curly braces in import paths golang/go#29231
- cmd/go: remote command execution during "go get -u" golang/go#29230

See the Go 1.10.6 milestone on the issue tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.10.6

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah

This comment has been minimized.

Copy link
Member Author

commented Dec 14, 2018

@thaJeztah thaJeztah merged commit 10da571 into docker:1.10.x Dec 14, 2018

@thaJeztah thaJeztah deleted the thaJeztah:bump_golang_1.10.6 branch Dec 14, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.