stable

golang-x-net-0.20.0-1.el9

FEDORA-EPEL-2024-a0c6906833 created by fuller a year ago for Fedora EPEL 9

Update to v0.20.0 for CVE-2023-39325, CVE-2022-41723, CVE-2023-3978

This update has been submitted for testing by fuller.

a year ago

This update's test gating status has been changed to 'ignored'.

a year ago

This update has been pushed to testing.

a year ago
User Icon salimma commented & provided feedback a year ago
karma

Works fine for rebuilding golang-github-facebook-time (with golang-x-net BR set to enforce at least 0.17.0)

BZ#2178358 CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
BZ#2178403 CVE-2022-41723 golang-x-net: golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [epel-all]
BZ#2228689 CVE-2023-3978 golang.org/x/net/html: Cross site scripting
BZ#2229579 CVE-2023-3978 golang-x-net: golang.org/x/net/html: Cross site scripting [epel-all]
BZ#2248209 golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325)
BZ#2248226 golang-x-net: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) [epel-all]

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago

Please log in to add feedback.

Metadata
Type
security
Severity
high
Karma
1
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
approved
a year ago
Builds
1
golang-x-net-0.20.0-1.el9
BZ#2178358 CVE-2022-41723 net/http, golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding
0
1
BZ#2178403 CVE-2022-41723 golang-x-net: golang.org/x/net/http2: avoid quadratic complexity in HPACK decoding [epel-all]
0
1
BZ#2228689 CVE-2023-3978 golang.org/x/net/html: Cross site scripting
0
1
BZ#2229579 CVE-2023-3978 golang-x-net: golang.org/x/net/html: Cross site scripting [epel-all]
0
1
BZ#2248209 golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325)
0
1
BZ#2248226 golang-x-net: golang: net/http, x/net/http2: rapid stream resets can cause excessive work (CVE-2023-39325) [epel-all]
0
1
golang-x-net-0.20.0-1.el9

Automated Test Results

Copyright © 2007-2025 Red Hat, Inc. and others.

Running bodhi-server 25.5.1 on bodhi-web-181-sm2p2.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy