Go 1.15.1 and 1.14.8 Released — Two releases that fix a recently reported security issue when you don’t explicitly set a Content-Type in an HTTP handler (when using net/http/cgi or net/http/fcgi). More about that issue here or hit the downloads page.
Appears in lists (1)
More like this (1)
Go 1.12.8 and Go 1.11.13 Released — Earlier this week, engineers at Netflix disclosed a variety...Go 1.12.8 and Go 1.11.13 Released — Earlier this week, engineers at Netflix disclosed a variety of HTTP/2 related vulnerabilities that have affected numerous HTTP/2 client implementations, including Go’s. These two Go releases fix the issues, as well as a URL parsing issue in net/url.