On Wed, Oct 24, 2018 at 10:26:10PM +0100, Martín Ferrari wrote: > On 24/10/18 22:17, Moritz Muehlenhoff wrote: > > Source: golang-golang-x-net-dev > > Severity: important > > Tags: security > > > > Please see > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17846 > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17847 > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-17848 > > > > Thanks for the heads up! > > Sadly, it seems it has not yet been fixed upstream.
This is now fixed upstream, see the respective links in the Security Tracker at https://security-tracker.debian.org/tracker/source-package/golang-golang-x-net-dev Please upload a targeted fix and ask for an unblock with the release team. Cheers, Moritz
