qbit/go
1
0
Fork 0
mirror of https://github.com/golang/go synced 2024-11-13 13:11:07 -07:00
Code Releases Activity
The Go programming language
35,314 Commits 58 Branches 402 Tags 522 MiB
Go 89.6%
Assembly 5.2%
HTML 4.8%
C 0.2%
Shell 0.1%
d5f2dc6a5c
Go to file
Filippo Valsorda d5f2dc6a5c [release-branch.go1.10-security] crypto/elliptic: reduce subtraction term to prevent long busy loop 
If beta8 is unusually large, the addition loop might take a very long
time to bring x3-beta8 back positive.

This would lead to a DoS vulnerability in the implementation of the
P-521 and P-384 elliptic curves that may let an attacker craft inputs
to ScalarMult that consume excessive amounts of CPU.

This fixes CVE-2019-6486.

Change-Id: Ia969e8b5bf5ac4071a00722de9d5e4d856d8071a
Reviewed-on: https://team-review.git.corp.google.com/c/399777
Reviewed-by: Adam Langley <agl@google.com>
Reviewed-by: Julie Qiu <julieqiu@google.com>
(cherry picked from commit 746d6abe2dfb9ce7609f8e1e1a8dcb7e221f423e)
Reviewed-on: https://team-review.git.corp.google.com/c/401143
Reviewed-by: Filippo Valsorda <valsorda@google.com>
2019-01-23 17:28:54 +00:00
.github all: restore changes from faulty merge/revert 2018-02-12 20:13:59 +00:00
api text/template: revert CL 66410 "add break, continue actions in ranges" 2018-02-06 05:00:01 +00:00
doc [release-branch.go1.10] doc: document Go 1.10.7 2018-12-14 21:58:45 +00:00
lib/time lib/time: follow redirects in curl 2018-01-24 04:39:28 +00:00
misc [release-branch.go1.10] cmd/cgo: don't give inconsistent typedef error for cgo-defined types 2018-08-08 01:13:46 +00:00
src [release-branch.go1.10-security] crypto/elliptic: reduce subtraction term to prevent long busy loop 2019-01-23 17:28:54 +00:00
test Revert "[release-branch.go1.10] cmd/compile/internal/gc: OMUL should be evaluated when using soft-float" 2018-12-14 20:07:16 +00:00
.gitattributes
.gitignore .gitignore: ignore src/cmd/dist/dist 2017-10-28 21:55:49 +00:00
AUTHORS A+C: update late Go 1.10 contributors 2018-01-06 04:52:00 +00:00
CONTRIBUTING.md all: restore changes from faulty merge/revert 2018-02-12 20:13:59 +00:00
CONTRIBUTORS A+C: update late Go 1.10 contributors 2018-01-06 04:52:00 +00:00
favicon.ico website: recreate 16px and 32px favicon 2016-08-25 15:43:32 +00:00
LICENSE
PATENTS
README.md all: restore changes from faulty merge/revert 2018-02-12 20:13:59 +00:00
robots.txt
VERSION [release-branch.go1.10] go1.10.7 2018-12-14 23:34:23 +00:00

README.md

The Go Programming Language

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

Gopher image Gopher image by Renee French, licensed under Creative Commons 3.0 Attributions license.

Our canonical Git repository is located at https://go.googlesource.com/go. There is a mirror of the repository at https://github.com/golang/go.

Unless otherwise noted, the Go source files are distributed under the BSD-style license found in the LICENSE file.

Download and Install

Binary Distributions

Official binary distributions are available at https://golang.org/dl/.

After downloading a binary release, visit https://golang.org/doc/install or load doc/install.html in your web browser for installation instructions.

Install From Source

If a binary distribution is not available for your combination of operating system and architecture, visit https://golang.org/doc/install/source or load doc/install-source.html in your web browser for source installation instructions.

Contributing

Go is the work of hundreds of contributors. We appreciate your help!

To contribute, please read the contribution guidelines: https://golang.org/doc/contribute.html

Note that the Go project uses the issue tracker for bug reports and proposals only. See https://golang.org/wiki/Questions for a list of places to ask questions about the Go language.