Google Git
Sign in
fuchsia / third_party / golang / net / refs/heads/upstream/internal-branch.go1.24-vendor
commit76f9bf3279eff2e596db4960a78a2665d0ff9405[log] [tgz]
authorDamien Neil <dneil@google.com>Tue Jan 21 16:36:50 2025 -0800
committerGopher Robot <gobot@golang.org>Tue Mar 04 10:54:19 2025 -0800
treec17263846efb4f4bef1acf2eacd408f54f642389
parent9a960c88dd987d95b94e58ac86345748b7a141d8 [diff]
[internal-branch.go1.24-vendor] proxy, http/httpproxy: do not mismatch IPv6 zone ids against hosts

When matching against a host "example.com",
don't match an IPv6 address like "[1000::1%25.example.com]:80".

Thanks to Juho Forsén of Mattermost for reporting this issue.

Fixes CVE-2025-22870
For #71984
For #71986

Change-Id: I0c4fdf18765decc27e6ddf220ebe3a9bf4a6454d
Reviewed-on: https://go-review.googlesource.com/c/net/+/654696
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Auto-Submit: Junyang Shao <shaojunyang@google.com>
Reviewed-by: Michael Pratt <mpratt@google.com>
4 files changed
tree: c17263846efb4f4bef1acf2eacd408f54f642389
  1. bpf/
  2. context/
  3. dict/
  4. dns/
  5. html/
  6. http/
  7. http2/
  8. icmp/
  9. idna/
  10. internal/
  11. ipv4/
  12. ipv6/
  13. lif/
  14. nettest/
  15. netutil/
  16. proxy/
  17. publicsuffix/
  18. quic/
  19. route/
  20. trace/
  21. webdav/
  22. websocket/
  23. xsrftoken/
  24. .gitattributes
  25. .gitignore
  26. codereview.cfg
  27. CONTRIBUTING.md
  28. go.mod
  29. go.sum
  30. LICENSE
  31. PATENTS
  32. README.md
README.md

Go Networking

Go Reference

This repository holds supplementary Go networking packages.

Report Issues / Send Patches

This repository uses Gerrit for code changes. To learn how to submit changes to this repository, see https://go.dev/doc/contribute.

The git repository is https://go.googlesource.com/net.

The main issue tracker for the net repository is located at https://go.dev/issues. Prefix your issue with “x/net:” in the subject line, so it is easy to find.