-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Package : golang Version : 2:1.3.3-1+deb8u1 CVE ID : CVE-2019-6486 Debian Bug : #920548
It was discovered that there was a denial of service vulnerability or possibly even the ability to conduct private key recovery attacks within in the elliptic curve cryptography handling in the Go programming language libraries. For Debian 8 "Jessie", this issue has been fixed in golang version 2:1.3.3-1+deb8u1. We recommend that you upgrade your golang packages. Regards, - -- ,''`. : :' : Chris Lamb `. `'` la...@debian.org 🍥 chris-lamb.co.uk `- -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAlxbTuAACgkQHpU+J9Qx Hljvxw/+P54nX9e5CjJgk72BgyNL1FQf3WGxYqzfUfB3M+5LgsRP+B1Vm1qZ71cr uFv5SDRZvKvGgVByy1/doYLnXCE8Gj2KUuKdsH0Z253aP30ITlqhv9dRnig437Qx 4d5GPpfJq2izganGfjgh07X3DebbJE1LLz993OQI+rPhxI9xJkF1Va3EFx2bUjKF f1Zbk1siHAEUp9LYM3BIUqvbVDXjXsdvU4L6P9fgSXN1q6Ow1hxmQg2ror/q/UOw Az6Uv2ydgodsp8ViKpXWIoIpFIJi/MpeWSi6vcd6pFpgR7uBxuxvd30qqlJYDM7J D7Wyw8zg+P3/BRZ5Uz59/8/5leii+Sw2onMifF7UgIx9Y3xVBO3AJvks7LwRbT4y TWe04iIQwEERehmQ8/x5mDYq8efR1BGkRWxIhIsDZKq+pd3l/DSMrif6dFObL5F9 tg8BV6bDZh79DiHmzVTIgMhsW33Af63XKJgp2KstH0Hsc0sfXJe24ZthfxYetJMf xrEpK3gCy5AP/BOY9fKb/J7xEb25PpGUfIlOMzxf9W4v4O29aTHBLokFydBeRUG1 mrqALxWk1ht7ZrkcecczR8Hm2+7FC8NtWevVdR/r4HsnUhIhujr0R+GMz7j2imOv HfuL/xnU67OCERw0WDiVW8Z2HbAnOP6J0Ru8BH4m737WodRjG/w= =vynA -----END PGP SIGNATURE-----