1. Home
  2. Security Advisories
  3. OpenSUSE
  4. openSUSE-SU-2021:2214-1

[openSUSE-SU-2021:2214-1] Security update for go1.15

Severity Important
Affected Packages 10
CVEs 4
Info Packages References Vulnerabilities

Security update for go1.15

This update for go1.15 fixes the following issues:

Update to 1.15.13.

Includes these security fixes

  • CVE-2021-33195: net: Lookup functions may return invalid host names (bsc#1187443).
  • CVE-2021-33196: archive/zip: malformed archive may cause panic or memory exhaustion (bsc#1186622).
  • CVE-2021-33197: net/http/httputil: ReverseProxy forwards Connection headers if first one is empty (bsc#1187444)
  • CVE-2021-33198: math/big: (*Rat).SetString with '1.770p02041010010011001001' crashes with 'makeslice: len out of range' (bsc#1187445).
Package Affected Version
pkg:rpm/opensuse/go1.15?arch=x86_64&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
pkg:rpm/opensuse/go1.15?arch=s390x&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
pkg:rpm/opensuse/go1.15?arch=ppc64le&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
pkg:rpm/opensuse/go1.15?arch=aarch64&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
pkg:rpm/opensuse/go1.15-race?arch=x86_64&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
pkg:rpm/opensuse/go1.15-race?arch=aarch64&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
pkg:rpm/opensuse/go1.15-doc?arch=x86_64&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
pkg:rpm/opensuse/go1.15-doc?arch=s390x&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
pkg:rpm/opensuse/go1.15-doc?arch=ppc64le&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
pkg:rpm/opensuse/go1.15-doc?arch=aarch64&distro=opensuse-leap-15.3 < 1.15.13-1.33.1
ID
openSUSE-SU-2021:2214-1
Severity
important
URL
https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/UUQZOWPTQG2RZGQ367S6AID56JYVM5T6/
Published
2021-06-30T13:59:41
(3 years ago)
Modified
2021-06-30T13:59:41
(3 years ago)
Rights
Copyright 2024 SUSE LLC. All rights reserved.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/opensuse/go1.15?arch=x86_64&distro=opensuse-leap-15.3 opensuse go1.15 < 1.15.13-1.33.1 opensuse-leap-15.3 x86_64
Affected pkg:rpm/opensuse/go1.15?arch=s390x&distro=opensuse-leap-15.3 opensuse go1.15 < 1.15.13-1.33.1 opensuse-leap-15.3 s390x
Affected pkg:rpm/opensuse/go1.15?arch=ppc64le&distro=opensuse-leap-15.3 opensuse go1.15 < 1.15.13-1.33.1 opensuse-leap-15.3 ppc64le
Affected pkg:rpm/opensuse/go1.15?arch=aarch64&distro=opensuse-leap-15.3 opensuse go1.15 < 1.15.13-1.33.1 opensuse-leap-15.3 aarch64
Affected pkg:rpm/opensuse/go1.15-race?arch=x86_64&distro=opensuse-leap-15.3 opensuse go1.15-race < 1.15.13-1.33.1 opensuse-leap-15.3 x86_64
Affected pkg:rpm/opensuse/go1.15-race?arch=aarch64&distro=opensuse-leap-15.3 opensuse go1.15-race < 1.15.13-1.33.1 opensuse-leap-15.3 aarch64
Affected pkg:rpm/opensuse/go1.15-doc?arch=x86_64&distro=opensuse-leap-15.3 opensuse go1.15-doc < 1.15.13-1.33.1 opensuse-leap-15.3 x86_64
Affected pkg:rpm/opensuse/go1.15-doc?arch=s390x&distro=opensuse-leap-15.3 opensuse go1.15-doc < 1.15.13-1.33.1 opensuse-leap-15.3 s390x
Affected pkg:rpm/opensuse/go1.15-doc?arch=ppc64le&distro=opensuse-leap-15.3 opensuse go1.15-doc < 1.15.13-1.33.1 opensuse-leap-15.3 ppc64le
Affected pkg:rpm/opensuse/go1.15-doc?arch=aarch64&distro=opensuse-leap-15.3 opensuse go1.15-doc < 1.15.13-1.33.1 opensuse-leap-15.3 aarch64
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date