Mageia 8: 2021-0416 Moderate: Golang Race Condition Affecting ReverseProxy

mageia

September 4, 2021

The updated golang packages fix a security vulnerability: Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic u...

Summary

The updated golang packages fix a security vulnerability:
Go before 1.15.15 and 1.16.x before 1.16.7 has a race condition that can lead to a net/http/httputil ReverseProxy panic upon an ErrAbortHandler abort (CVE-2021-36221).

References

- https://bugs.mageia.org/show_bug.cgi?id=29391

- https://lists.suse.com/pipermail/sle-security-updates/2021-August/009314.html

- https://groups.google.com/g/golang-announce/c/uHACNfXAZqk

- https://lists.suse.com/pipermail/sle-security-updates/2021-August/009321.html

- https://www.cve.org/CVERecord?id=CVE-2021-36221

Topics Covered

security advisory race condition golang mageia net/http httputil panic

Resolution

SRPMS

- 8/core/golang-1.15.15-1.mga8

Publication date: 04 Sep 2021

URL: https://advisories.mageia.org/MGASA-2021-0416.html

Type: security

CVE: CVE-2021-36221

Topics Covered

security advisory race condition golang mageia net/http httputil panic

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 8: 2021-0416 Moderate: Golang Race Condition Affecting ReverseProxy

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 8: 2021-0416 Moderate: Golang Race Condition Affecting ReverseProxy

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!