Commits on Jul 17, 2023

1. Update to debian bullseye …

   Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
   (cherry picked from commit dce5929)
   Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

   

   thaJeztah committed Jul 17, 2023
   Configuration menu

   • View commit details
   • Copy full SHA for 15a103d
   • Browse repository at this point

   Copy the full SHA

   15a103d View commit details

   Browse the repository at this point in the history

2. [20.10] update go to go1.19.11 …

   go1.19.11 (released 2023-07-11) includes a security fix to the net/http package,
   as well as bug fixes to cgo, the cover tool, the go command, the runtime, and
   the go/printer package. See the Go 1.19.11 milestone on our issue tracker for
   details:
   
   https://github.com/golang/go/issues?q=milestone%3AGo1.19.11+label%3ACherryPickApproved
   
   Full diff: golang/go@go1.19.10...go1.19.11
   
   These minor releases include 1 security fixes following the security policy:
   
   net/http: insufficient sanitization of Host header
   
   The HTTP/1 client did not fully validate the contents of the Host header.
   A maliciously crafted Host header could inject additional headers or entire
   requests. The HTTP/1 client now refuses to send requests containing an
   invalid Request.Host or Request.URL.Host value.
   
   Thanks to Bartek Nowotarski for reporting this issue.
   
   Includes security fixes for [CVE-2023-29406 ][1] and Go issue https://go.dev/issue/60374
   
   [1]: GHSA-f8f7-69v5-w4vx
   
   Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

   

   thaJeztah committed Jul 17, 2023
   Configuration menu

   • View commit details
   • Copy full SHA for 9b21793
   • Browse repository at this point

   Copy the full SHA

   9b21793 View commit details

   Browse the repository at this point in the history