AVG-442 log
| Package | go, go-pie |
| Status | Fixed |
| Severity | High |
| Type | arbitrary command execution |
| Affected | 2:1.9-1 |
| Fixed | 2:1.9.1-1 |
| Current | 2:1.25.4-1 [extra] |
| Ticket | None |
| Created | Thu Oct 12 17:18:34 2017 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2017-15041 | High | Yes | Arbitrary command execution | Go before 1.8.4 and 1.9.x before 1.9.1 allows "go get" remote command execution. Using custom domains, it is possible to arrange things so that... |
| Date | Advisory | Package | Type |
|---|---|---|---|
| 12 Oct 2017 | ASA-201710-16 | go-pie | arbitrary command execution |
| 12 Oct 2017 | ASA-201710-15 | go | arbitrary command execution |