Go before 1.12.10 and 1.13.x before 1.13.1 allow HTTP Request Smuggling.
lists.opensuse.org/opensuse-security-announce/2019-11/msg00043.html
lists.opensuse.org/opensuse-security-announce/2019-11/msg00044.html
access.redhat.com/errata/RHSA-2020:0101
access.redhat.com/errata/RHSA-2020:0329
access.redhat.com/errata/RHSA-2020:0652
github.com/golang/go/issues/34540
groups.google.com/forum/#%21msg/golang-announce/cszieYyuL9Q/g4Z7pKaqAgAJ
lists.debian.org/debian-lts-announce/2021/03/msg00014.html
lists.debian.org/debian-lts-announce/2021/03/msg00015.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/LULL72EUUKIY4NWDZVJVN2LIB4MXHS5P/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O7GMJ3VXF5RXK2C7CL66KJ6XOOTOL5BJ/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Q5MD2F7ATWSTB45ZJIPJHBAAHVRGRAKG/
security.netapp.com/advisory/ntap-20191122-0004/