[openSUSE-SU-2021:2186-1] Security update for go1.16
Severity
Important
Affected Packages
10
CVEs
4
Security update for go1.16
This update for go1.16 fixes the following issues:
Update to 1.16.5.
Includes these security fixes
- CVE-2021-33195: net: Lookup functions may return invalid host names (bsc#1187443).
- CVE-2021-33196: archive/zip: malformed archive may cause panic or memory exhaustion (bsc#1186622).
- CVE-2021-33197: net/http/httputil: ReverseProxy forwards Connection headers if first one is empty (bsc#1187444)
- CVE-2021-33198: math/big: (*Rat).SetString with '1.770p02041010010011001001' crashes with 'makeslice: len out of range' (bsc#1187445).
Package | Affected Version |
---|---|
pkg:rpm/opensuse/go1.16?arch=x86_64&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
pkg:rpm/opensuse/go1.16?arch=s390x&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
pkg:rpm/opensuse/go1.16?arch=ppc64le&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
pkg:rpm/opensuse/go1.16?arch=aarch64&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
pkg:rpm/opensuse/go1.16-race?arch=x86_64&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
pkg:rpm/opensuse/go1.16-race?arch=aarch64&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
pkg:rpm/opensuse/go1.16-doc?arch=x86_64&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
pkg:rpm/opensuse/go1.16-doc?arch=s390x&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
pkg:rpm/opensuse/go1.16-doc?arch=ppc64le&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
pkg:rpm/opensuse/go1.16-doc?arch=aarch64&distro=opensuse-leap-15.3 | < 1.16.5-1.17.1 |
- ID
- openSUSE-SU-2021:2186-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/EXHOWUQKHNS4LEJ2GTYWY2EEAYVCKECW/
- Published
-
2021-06-28T16:23:29
(3 years ago) - Modified
-
2021-06-28T16:23:29
(3 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2021-1527
- ALAS-2022-1635
- ALAS2-2021-1694
- ALAS2-2022-1830
- ALPINE:CVE-2021-33195
- ALPINE:CVE-2021-33196
- ALPINE:CVE-2021-33197
- ALPINE:CVE-2021-33198
- ALSA-2021:3076
- ALSA-2021:4156
- ALSA-2021:4226
- ALSA-2022:7954
- ALSA-2022:7955
- ALSA-2022:8008
- ASA-202106-42
- ELSA-2021-3076
- ELSA-2021-4226
- ELSA-2022-7954
- ELSA-2022-7955
- ELSA-2022-8008
- ELSA-2024-2988
- FREEBSD:079B3641-C4BD-11EB-A22A-693F0544AE52
- GLSA-202208-02
- GO-2021-0239
- GO-2021-0240
- GO-2021-0241
- GO-2021-0242
- openSUSE-SU-2021:0950-1
- openSUSE-SU-2021:2214-1
- RHSA-2021:3076
- RHSA-2021:4156
- RHSA-2021:4226
- RHSA-2022:7954
- RHSA-2022:7955
- RHSA-2022:8008
- RHSA-2024:2988
- SUSE-SU-2021:2186-1
- SUSE-SU-2021:2214-1
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/go1.16?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | go1.16 | < 1.16.5-1.17.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/go1.16?arch=s390x&distro=opensuse-leap-15.3 | opensuse | go1.16 | < 1.16.5-1.17.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/go1.16?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | go1.16 | < 1.16.5-1.17.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/go1.16?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | go1.16 | < 1.16.5-1.17.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/go1.16-race?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | go1.16-race | < 1.16.5-1.17.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/go1.16-race?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | go1.16-race | < 1.16.5-1.17.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/go1.16-doc?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | go1.16-doc | < 1.16.5-1.17.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/go1.16-doc?arch=s390x&distro=opensuse-leap-15.3 | opensuse | go1.16-doc | < 1.16.5-1.17.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/go1.16-doc?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | go1.16-doc | < 1.16.5-1.17.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/go1.16-doc?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | go1.16-doc | < 1.16.5-1.17.1 | opensuse-leap-15.3 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |