FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-27 18:04:16 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
4464212e-4acd-11e5-934b-002590263bf5go -- multiple vulnerabilities

Jason Buberel, Go Product Manager, reports:

CVE-2015-5739 - "Content Length" treated as valid header

CVE-2015-5740 - Double content-length headers does not return 400 error

CVE-2015-5741 - Additional hardening, not sending Content-Length w/Transfer-Encoding, Closing connections


Discovery 2015-07-29
Entry 2015-08-25
go
< 1.4.3,1

go14
< 1.4.3

CVE-2015-5739
CVE-2015-5740
CVE-2015-5741
https://github.com/golang/go/commit/117ddcb83d7f42d6aa72241240af99ded81118e9
https://github.com/golang/go/commit/143822585e32449860e624cace9d2e521deee62e
https://github.com/golang/go/commit/300d9a21583e7cf0149a778a0611e76ff7c6680f
http://seclists.org/oss-sec/2015/q3/237