Software Update: Go 1.14.7 / 1.13.15

Go, also referred to as golang, is a programming language that has been developed by Google and the open source community since 2007. Among others, Cloudflare, Google, Netflix and Uber use the language. Go code can be compiled for Android, Linux, macOS, FreeBSD, and Windows, on i386, amd64, and ARM processor architectures. The syntax of Go is similar to that of C and related programming languages, although there are some notable differences. Go also offers the option of distributed programming, where several processes are executed simultaneously. The team has released Go versions 1.14.7 and 1.13.15 with the following announcement:

[security] Go 1.14.7 and Go 1.13.15 are released

Hi gophers,

We have just released Go 1.14.7 and Go 1.13.15 to address a recently reported security issue. We recommend that all users update to one of these releases (if you’re not sure which, choose Go 1.14.7).

  • encoding/binary: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs
    Certain invalid inputs to ReadUvarint or ReadVarint could cause those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This could lead to processing more input than expected when the caller is reading directly from a network and depends on ReadUvarint and ReadVarint only consuming a small, bounded number of bytes, even from invalid inputs.
    With the update, ReadUvarint and ReadVarint now always return after consuming a bounded number of bytes (specifically, MaxVarintLen64, which is 10). The result being returned has not changed; the functions merely detect and return some errors without reading as much input.
    Thanks to Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon for reporting this issue.
    This issue is CVE-2020-16845 and Go issue golang.org/issue/40618.

The upcoming Go 1.15rc2 release will also include the fix above.

Downloads are available at https://golang.org/dl for all supported platforms.

Thank you,
Katie and Filippo on behalf of the Go team
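
The bounded-read guarantee described in the announcement can also be enforced by the caller, which matters for binaries still built with an older toolchain. The following is an added example, not code from the Go team or the original page: the `cappedReader` type and `readUvarintBounded` helper are hypothetical names, and the input bytes are constructed for illustration.

```go
package main

import (
	"bytes"
	"encoding/binary"
	"errors"
	"fmt"
	"io"
)

var errVarintTooLong = errors.New("varint longer than MaxVarintLen64 bytes")

// cappedReader hands out at most left bytes and counts what it took from r.
type cappedReader struct {
	r     io.ByteReader
	left  int
	taken int
}

func (c *cappedReader) ReadByte() (byte, error) {
	if c.left == 0 {
		return 0, errVarintTooLong // stop before touching the source again
	}
	b, err := c.r.ReadByte()
	if err == nil {
		c.left--
		c.taken++
	}
	return b, err
}

// readUvarintBounded (hypothetical helper) decodes one uvarint and returns the
// value, the number of bytes consumed from src, and any error.
func readUvarintBounded(src io.ByteReader) (uint64, int, error) {
	c := &cappedReader{r: src, left: binary.MaxVarintLen64}
	v, err := binary.ReadUvarint(c)
	return v, c.taken, err
}

func main() {
	// Constructed inputs: 300 encoded as a uvarint, and 64 continuation bytes.
	valid := []byte{0xAC, 0x02}
	invalid := append(bytes.Repeat([]byte{0x80}, 64), 0x01)
	for _, in := range [][]byte{valid, invalid} {
		v, n, err := readUvarintBounded(bytes.NewReader(in))
		fmt.Printf("value=%d consumed=%d err=%v\n", v, n, err)
	}
}
```

With a patched toolchain the cap is never reached and the overflow error comes from ReadUvarint itself; with an unpatched one the wrapper returns its own error on the eleventh read, so in both cases no more than 10 bytes leave the source.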

Version number: 1.14.7 / 1.13.15
Release status: Final
Operating systems: Windows 7, Linux, BSD, macOS, Solaris, UNIX, Windows Server 2012, Windows 8, Windows 10, Windows Server 2016, Windows Server 2019
Website: The Go Programming Language
Download: https://golang.org/dl
License type: Conditions (GNU/BSD/etc.)