-
Jeffery To authored
1.16.1 included fixes for: * CVE-2021-27918 - encoding/xml: infinite loop when using xml.NewTokenDecoder with a custom TokenReader * CVE-2021-27919 - archive/zip: can panic when calling Reader.Open 1.16.4 included fixes for: * CVE-2021-31525 - net/http: ReadRequest can stack overflow due to recursion with very large headers 1.16.5 includes fixes for: * CVE-2021-33195 - net: Lookup functions may return invalid host names * CVE-2021-33196 - archive/zip: malformed archive may cause panic or memory exhaustion * CVE-2021-33197 - net/http/httputil: ReverseProxy forwards Connection headers if first one is empty Signed-off-by:
Jeffery To <jeffery.to@gmail.com> (cherry picked from commit fe3c49fe)
