Description
An issue was discovered in net/http in Go 1.11.5. CRLF injection is
possible if the attacker controls a url parameter, as demonstrated by the
second argument to http.NewRequest with \r\n followed by an HTTP header or
a Redis command.
Notes
mdeslaur | Packages built using golang need to be rebuilt once the
vulnerability has been fixed. This CVE entry does not
list packages that need rebuilding outside of the main
repository or the Ubuntu variants with PPA overlays. |
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
(trusty was needs-triage)
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | needed
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 16.04 ESM: | needs-triage
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | needs-triage
|
Patches:
Package
Upstream: | released
(1.11.6)
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 16.04 ESM: | needs-triage
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
(trusty was needs-triage)
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | needed
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | needed
|
Ubuntu 20.04 LTS: | DNE
|
Ubuntu 21.10: | DNE
|
Ubuntu 22.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Updated: 2022-04-25 00:45:15 UTC (commit ecc1009cb19540b950de59270950018900f37f15)