Advisories for Golang/Github.com/Openshift/Origin package

In Openshift Origin 3 the cookies being set in console have no 'secure', 'HttpOnly' attributes.

The API server in OpenShift Origin 1.0.5 allows remote attackers to cause a denial of service (master process crash) via crafted JSON data.

Openshift allows remote attackers to gain privileges by updating a build configuration that was created with an allowed type to a type that is not allowed.