Source: golang-github-pires-go-proxyproto X-Debbugs-CC: t...@security.debian.org Severity: important Tags: security
Hi, The following vulnerability was published for golang-github-pires-go-proxyproto. CVE-2021-23409[0]: | The package github.com/pires/go-proxyproto before 0.6.0 are vulnerable | to Denial of Service (DoS) via creating connections without the proxy | protocol header. https://github.com/pires/go-proxyproto/issues/65 https://snyk.io/vuln/SNYK-GOLANG-GITHUBCOMPIRESGOPROXYPROTO-1316439 https://github.com/pires/go-proxyproto/pull/74 If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-23409 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-23409 Please adjust the affected versions in the BTS as needed.
