AVG-1020 log

Package go-pie
Status Fixed
Severity Medium
Type multiple issues
Affected 2:1.12.7-1
Fixed 2:1.12.8-1
Current 2:1.13.4-1 [community]
Ticket None
Created Wed Aug 14 15:57:15 2019
Issue Severity Remote Type Description
CVE-2019-14809 Medium Yes Insufficient validation
An issue has been found in Go before 1.12.8, where url.Parse would accept URLs with malformed hosts, such that the Host field could have arbitrary suffixes...
CVE-2019-9514 Medium Yes Denial of service
An issue has been found in several HTTP/2 implementations, where the attacker opens a number of streams and sends an invalid request over each stream that...
CVE-2019-9512 Medium Yes Denial of service
An issue has been found in several HTTP/2 implementations, where the attacker sends continual pings to an HTTP/2 peer, causing the peer to build an internal...
Date Advisory Package Description
24 Aug 2019 ASA-201908-16 go-pie multiple issues
References
https://groups.google.com/forum/#!msg/golang-announce/65QixT3tcmg/DrFiG6vvCwAJ