[Buildroot] [PATCH-2019.02] package/go: security bump to version 1.11.6

Peter Korsgaard peter at korsgaard.com
Fri Apr 5 19:56:38 UTC 2019

>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes the following security vulnerability:
 > CVE-2019-9741: An issue was discovered in net/http in Go 1.11.5.  CRLF
 > injection is possible if the attacker controls a url parameter, as
 > demonstrated by the second argument to http.NewRequest with \r\n followed by
 > an HTTP header or a Redis command.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed to 2019.02.x, thanks.

Bye, Peter Korsgaard

More information about the buildroot mailing list