From 89d00c5ac1db8eac00e602a704d4b759797db699 Mon Sep 17 00:00:00 2001
From: Katie Hockman <katie@golang.org>
Date: Oct 17 2019 19:20:29 +0000
Subject: [release-branch.go1.12] all: merge release-branch.go1.12-security into release-branch.go1.12


Change-Id: Ied19fb5f182670c9dc3bd15327d461b203187cf6

---

diff --git a/VERSION b/VERSION
index 40bdee3..524722c 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-go1.12.10
\ No newline at end of file
+go1.12.11
\ No newline at end of file
diff --git a/doc/devel/release.html b/doc/devel/release.html
index 1634fbe..c756cfe 100644
--- a/doc/devel/release.html
+++ b/doc/devel/release.html
@@ -105,6 +105,13 @@ See the <a href="https://github.com/golang/go/issues?q=milestone%3AGo1.12.10">Go
 1.12.10 milestone</a> on our issue tracker for details.
 </p>
 
+<p>
+go1.12.11 (released 2019/10/17) includes security fixes to the
+<code>crypto/dsa</code> package.
+See the <a href="https://github.com/golang/go/issues?q=milestone%3AGo1.12.11">Go
+1.12.11 milestone</a> on our issue tracker for details.
+</p>
+
 <h2 id="go1.11">go1.11 (released 2018/08/24)</h2>
 
 <p>
diff --git a/src/crypto/dsa/dsa.go b/src/crypto/dsa/dsa.go
index 575314b..2fc4f1f 100644
--- a/src/crypto/dsa/dsa.go
+++ b/src/crypto/dsa/dsa.go
@@ -279,6 +279,9 @@ func Verify(pub *PublicKey, hash []byte, r, s *big.Int) bool {
 	}
 
 	w := new(big.Int).ModInverse(s, pub.Q)
+	if w == nil {
+		return false
+	}
 
 	n := pub.Q.BitLen()
 	if n&7 != 0 {