Redeploy meek-server instances with go1.11.5
CVE-2019-6486 is a DoS on the implementation of certain elliptic curves, fixed in go1.11.5.
Redeploy servers that use crypto/tls and therefore may be exposed to the bug:
- cymrubridge02 (backend for meek-azure)
- starman (throttled meek.bamsoftware.com)
- maenad (unthrottled meek.bamsoftware.com)
- GAEuploader (gaeuploader.meek.bamsoftware.com)
To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information