cbor v1.1.2

Version Release Notes from October 23, 2019 (over 4 years ago)

« Changelog History

cbor v1.1.2 Release Notes

Release Date: 2019-10-23 // over 4 years ago

Prevent an inappropriate use of BinaryUnmarshaler.

Specifically, don't allow CBOR byte string (major type 2) as input to Go's Time.UnmarshalBinary.

👀 Time values should only be encoded/decoded using these CBOR data types: pos or neg integer, float, and text string. For more info, see RFC 7049 section 2.4.1.

👀 For details, see commit 34ffc3a.

🚀 This release passed 24+ hours of fuzzing with fxamacker/cbor-fuzz v0.6.0.

Awesome Go is part of the LibHunt network. Terms. Privacy Policy.