AVG-442

Package go, go-pie
Status Fixed
Severity High
Type arbitrary command execution
Affected 2:1.9-1
Fixed 2:1.9.1-1
Current 2:1.12.8-1 [community]
Ticket None
Created Thu Oct 12 17:18:34 2017
Issue Severity Remote Type Description
CVE-2017-15041 High Yes Arbitrary command execution
Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that...
Date Advisory Package Description
12 Oct 2017 ASA-201710-16 go-pie arbitrary command execution
12 Oct 2017 ASA-201710-15 go arbitrary command execution