662d8a085e
golang.org/x/net contains a fix for CVE-2022-41717, which was addressed in stdlib in go1.19.4 and go1.18.9; > net/http: limit canonical header cache by bytes, not entries > > An attacker can cause excessive memory growth in a Go server accepting > HTTP/2 requests. > > HTTP/2 server connections contain a cache of HTTP header keys sent by > the client. While the total number of entries in this cache is capped, > an attacker sending very large keys can cause the server to allocate > approximately 64 MiB per open connection. > > This issue is also fixed in golang.org/x/net/http2 v0.4.0, > for users manually configuring HTTP/2. full diff: https://github.com/golang/net/compare/c63010009c80...v0.4.0 other dependency updates (due to (circular) dependencies between them): - golang.org/x/sys v0.3.0: https://github.com/golang/sys/compare/v0.2.0...v0.3.0 - golang.org/x/term v0.3.0: https://github.com/golang/term/compare/v0.1.0...v0.3.0 - golang.org/x/text v0.5.0: https://github.com/golang/text/compare/v0.4.0...v0.5.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> |
||
|---|---|---|
| .. | ||
| codereview.cfg | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| PATENTS | ||
| README.md | ||
| term_plan9.go | ||
| term_unix_bsd.go | ||
| term_unix_other.go | ||
| term_unix.go | ||
| term_unsupported.go | ||
| term_windows.go | ||
| term.go | ||
| terminal.go | ||
Go terminal/console support
This repository provides Go terminal and console support packages.
Download/Install
The easiest way to install is to run go get -u golang.org/x/term. You can
also manually git clone the repository to $GOPATH/src/golang.org/x/term.
Report Issues / Send Patches
This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://golang.org/doc/contribute.html.
The main issue tracker for the term repository is located at https://github.com/golang/go/issues. Prefix your issue with "x/term:" in the subject line, so it is easy to find.