[FEDORA-2022-1f829990f0] Fedora 36: golang

Severity High

Affected Packages 1

CVEs 1

go1.18.5 includes security fixes to the encoding/gob and math/big packages, as
well as bug fixes to the compiler, the go command, the runtime, and the testing
package. Upstream notes.

Package	Affected Version
pkg:rpm/fedora/golang?distro=fedora-36	< 1.18.5.1.fc36

ID

FEDORA-2022-1f829990f0

Severity

high

Severity from

CVE-2022-32189

URL

https://bodhi.fedoraproject.org/updates/FEDORA-2022-1f829990f0

Published

2022-08-12T01:39:18
(2 years ago)

Modified

2022-08-12T01:39:18
(2 years ago)

Rights

Other Advisories

Source	# ID	Name	URL
Bugzilla	2113815	Bug #2113815 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service [fedora-all]	https://bugzilla.redhat.com/show_bug.cgi?id=2113815

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch	Patch / Fix
Affected	pkg:rpm/fedora/golang?distro=fedora-36	fedora	golang	< 1.18.5.1.fc36	fedora-36

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date