Hello, I have just submitted bodhi update for CVE-2017-15041 and CVE-2017-15042, https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2017-f7e4cbd529. If you maintain any package or application using "net/smtp" stdlib package, rebuild of your package/application is strongly recommended using the fixed version of golang. I plan, after this update hits stable, to update the golang package to upstream version go1.9(.1)(or any other point release available at that time). If you have any concerns please rise them now. Testing and karma is much appreciated, JC _______________________________________________ epel-devel mailing list -- epel-devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to epel-devel-leave@xxxxxxxxxxxxxxxxxxxxxxx