Debian LTS Advisory ([SECURITY] [DLA 1294-1] golang security update)

It was discovered that there was an arbitrary command execution vulnerability in the Go programming language. The 'go get' implementation did not correctly validate 'import path' statements for '://' which allowed remote attackers to execute arbitrary OS commands via a crafted web site.

golang on Debian Linux

This check tests the installed software version using the apt package manager.

For Debian 7 'Wheezy', this issue has been fixed in golang version 2:1.0.2-1.1+deb7u3. We recommend that you upgrade your golang packages. The Debian LTS team would like to thank Abhijith PA for preparing this update.