letsencrypt
/
boulder
mirror of https://github.com/letsencrypt/boulder.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
boulder/ra
History
Phil Porada c7dc3a8d72
Test against go1.20.6 (#6987) 
This version includes a fix that seems relevant to us:

> The HTTP/1 client did not fully validate the contents of the Host
header. A maliciously crafted Host header could inject additional
headers or entire requests. The HTTP/1 client now refuses to send
requests containing an invalid Request.Host or Request.URL.Host value.
> 
> Thanks to Bartek Nowotarski for reporting this issue.
> 
> Includes security fixes for CVE-2023-29406 and Go issue
https://go.dev/issue/60374
 		2023-07-11 12:50:42 -07:00
..
proto admin-revoker: document malformed-revoke (#6714) 2023-03-02 12:02:21 -08:00
mock_test.go Store linting certificate instead of precertificate (#6807) 2023-04-26 13:54:24 -07:00
ra.go Probs: remove divergences from RFC8555 (#6877) 2023-05-15 12:35:12 -07:00
ra_test.go Test against go1.20.6 (#6987) 2023-07-11 12:50:42 -07:00