Golang News http://golangnews.com Jobs, Code, Videos and News for Go hackers - everything about the go programming language Mon, 14 Nov 2022 08:52:00 +0000 GoCoverStats v0.0.5 is a security release #test #testing #security The gocoverstats package just got a v0.0.5 security release on its golang.org dependencies and a minor change: <ul> <li>golang.org/x/tools upgraded from v0.1.10 to v0.2 (security release on tools/crypto)</li> <li>github.com/google/go-cmp upgraded from 0.5.8 to 0.5.9 (test dependency non-security release)</li> </ul><div>One clarification about the default build is that, since it requires at least Go 1.18, paths and symbols are trimmed in the compiled output.</div> 1 points posted by FGM https://gitlab.com/fgmarand/gocoverstats/-/tags/v0.0.5 4779 Mon, 14 Nov 2022 08:49:00 +0000 gas - a go AST security scanner #security Inspects source code for security problems by scanning the Go AST. 5 points posted by daenney https://github.com/GoASTScanner/gas 1717 Sat, 11 Feb 2017 17:34:00 +0000 Go 1.5.3 is released with a security fix for 32 bit systems #security #releases 5 points posted by lolly https://groups.google.com/forum/#!topic/golang-announce/MEATuOi_ei4 506 Wed, 13 Jan 2016 23:03:00 +0000 Finding ticket bleed 🎟 #security #tls Ticketbleed (CVE-2016-9244) is a software vulnerability in the TLS stack of certain F5 products that allows a remote attacker to extract up to 31 bytes of uninitialized memory at a time, which can contain any kind of random sensitive information, as in Heartbleed. If you suspect you might be affected by this vulnerability, you can find details and mitigation instructions at https://ticketbleed.com (including an online test) or in the F5 K05121675 article. 4 points posted by kenny https://blog.filippo.io/finding-ticketbleed 1711 Fri, 10 Feb 2017 16:36:00 +0000 Hiring: Gopacket developer and ICS hacker at Sentryo #france #remote #security The Gopacket packet dissection library (https://github.com/google/gopacket) is at the core of ICS CyberVision, Sentryo's product to secure industrial networks. We're looking for experienced Go developers to work on Gopacket, adding support for new protocols. A strong background in networking, protocol analysis and reverse engineering is required. 4 points posted by gopher http://gophergala.com/jobs/#sentryo 595 Tue, 16 Feb 2016 17:32:00 +0000 Gryffin is a large scale web security scanning platform #web #security 4 points posted by gopher https://github.com/yahoo/gryffin 56 Tue, 29 Sep 2015 21:46:00 +0000 Securely Storing Password Data in Couchbase with Golang and BCrypt #nosql #security 3 points posted by nraboy https://blog.couchbase.com/password-data-couchbase-golang-bcrypt 2500 Thu, 10 Aug 2017 15:26:00 +0000