Updated golang package fixes security vulnerability
Publication date: 14 Jan 2017Modification date: 14 Jan 2017
Type: security
Affected Mageia releases : 5
Description
The net/http package's Request.ParseMultipartForm method
starts writing to temporary files once the request body size
surpasses the given "maxMemory" limit. It was possible for an
attacker to generate a multipart request crafted such that the
server ran out of file descriptors.
SRPMS
5/core
- golang-1.6.4-1.mga5