Skip to content
Permalink
Browse files

Bump Golang 1.11.3 (CVE-2018-16875)

go1.11.13 (released 2018/12/14)

- crypto/x509: CPU denial of service in chain validation golang/go#29233
- cmd/go: directory traversal in "go get" via curly braces in import paths golang/go#29231
- cmd/go: remote command execution during "go get -u" golang/go#29230

See the Go 1.11.3 milestone on the issue tracker for details:
https://github.com/golang/go/issues?q=milestone%3AGo1.11.3

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
  • Loading branch information...
thaJeztah committed Dec 13, 2018
1 parent c2ae1cf commit 639c17738f9c1760cbef935d0107b2be2ffbf9a7
Showing with 1 addition and 1 deletion.
  1. +1 −1 Dockerfile
@@ -1,4 +1,4 @@
FROM golang:1.11.2
FROM golang:1.11.3

# allow replacing httpredir or deb mirror
ARG APT_MIRROR=deb.debian.org

0 comments on commit 639c177

Please sign in to comment.
You can’t perform that action at this time.