5 CVEs fixed in Go 1.22.1 and Go 1.21.8, 1 CVE fixed in google.golang.org/protobuf

5 CVEs fixed in Go 1.22.1 and Go 1.21.8, 1 CVE fixed in google.golang.org/protobuf

Open Source Security [[{„value“:“

Posted by Alan Coopersmith on Mar 08

https://groups.google.com/g/golang-announce/c/5pwGVUPoMbg announces the
releases of Go 1.22.1 and Go 1.21.8 containing fixes for 5 CVEs:

>- crypto/x509: Verify panics on certificates with an unknown public key
> algorithm
>
> Verifying a certificate chain which contains a certificate with an
> unknown public key algorithm will cause Certificate.Verify to panic.
>
> This affects all crypto/tls clients, and servers…
„}]] Read More 

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert