- ------------------------------------------------------------------------- Debian LTS Advisory DLA-2520-1 [email protected] https://www.debian.org/lts/security/ Brian May January 07, 2021 https://wiki.debian.org/LTS - ------------------------------------------------------------------------- Package : golang-websocket Version : 1.1.0-1+deb9u1 CVE ID : CVE-2020-27813 There was an integer overflow vulnerability concerning the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections. For Debian 9 stretch, this problem has been fixed in version 1.1.0-1+deb9u1. We recommend that you upgrade your golang-websocket packages. For the detailed security status of golang-websocket please refer to its security tracker page at: https://security-tracker.debian.org/tracker/golang-websocket Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Debian LTS: DLA-2520-1: golang-websocket security update
January 7, 2021
There was an integer overflow vulnerability concerning the length of websocket frames received via a websocket connection
Summary
Debian LTS Advisory DLA-2520-1 [email protected] https://www.debian.org/lts/security/ Brian May January 07, 2021 https://wiki.debian.org/LTS Version : 1.1.0-1+deb9u1 There was an integer overflow vulnerability concerning the length of websocket frames received via a websocket connection. An attacker could use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections. For Debian 9 stretch, this problem has been fixed in version 1.1.0-1+deb9u1. We recommend that you upgrade your golang-websocket packages. For the detailed security status of golang-websocket please refer to its security tracker page at: https://security-tracker.debian.org/tracker/golang-websocket Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Severity
Package : golang-websocket
CVE ID : CVE-2020-27813
News
HOWTOs
Features
Secure Linux Hosting for Businesses
What Is Threat Intelligence?
CloudLinux Simplifies & Enhances Linux Security with its TuxCare Unified Enterprise Support Services
LinuxSecurity, Leading Provider of Linux Security News and Information, Unveils its New Website
Biden’s New Executive Cybersecurity Order Highlights the Power of Open-Source Security
About Us
Powered By
