AVG-1020 log
| Package | go-pie |
| Status | Fixed |
| Severity | Medium |
| Type | multiple issues |
| Affected | 2:1.12.7-1 |
| Fixed | 2:1.12.8-1 |
| Current | Removed |
| Ticket | None |
| Created | Wed Aug 14 15:57:15 2019 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2019-14809 | Medium | Yes | Insufficient validation | An issue has been found in Go before 1.12.8, where url.Parse would accept URLs with malformed hosts, such that the Host field could have arbitrary suffixes... |
| CVE-2019-9514 | Medium | Yes | Denial of service | An issue has been found in several HTTP/2 implementations, where the attacker opens a number of streams and sends an invalid request over each stream that... |
| CVE-2019-9512 | Medium | Yes | Denial of service | An issue has been found in several HTTP/2 implementations, where the attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 24 Aug 2019 | ASA-201908-16 | go-pie | multiple issues |
| References |
|---|
https://groups.google.com/forum/#!msg/golang-announce/65QixT3tcmg/DrFiG6vvCwAJ |