[openSUSE-SU-2021:2392-1] Security update for go1.16
Severity
Important
Affected Packages
10
CVEs
1
Security update for go1.16
This update for go1.16 fixes the following issues:
go1.16.6 (released 2021-07-12, bsc#1182345) includes a security fix to the
crypto/tls package, as well as bug fixes to the compiler, and the
net and net/http packages.
Security issue fixed:
CVE-2021-34558: Fixed crypto/tls: clients can panic when provided a certificate of the wrong type for the negotiated parameters (bsc#1188229)
go1.16 release:
- bsc#1188229 go#47143 CVE-2021-34558
- go#47145 security: fix CVE-2021-34558
- go#46999 net: LookupMX behaviour broken
- go#46981 net: TestCVE202133195 fails if /etc/resolv.conf specifies ndots larger than 3
- go#46769 syscall: TestGroupCleanupUserNamespace test failure on Fedora
- go#46657 runtime: deeply nested struct initialized with non-zero values
- go#44984 net/http: server not setting Content-Length in certain cases
| Package | Affected Version |
|---|---|
 pkg:rpm/opensuse/go1.16?arch=x86_64&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
|
pkg:rpm/opensuse/go1.16?arch=s390x&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
|
pkg:rpm/opensuse/go1.16?arch=ppc64le&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
|
pkg:rpm/opensuse/go1.16?arch=aarch64&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
|
pkg:rpm/opensuse/go1.16-race?arch=x86_64&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
|
pkg:rpm/opensuse/go1.16-race?arch=aarch64&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
|
pkg:rpm/opensuse/go1.16-doc?arch=x86_64&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
|
pkg:rpm/opensuse/go1.16-doc?arch=s390x&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
|
pkg:rpm/opensuse/go1.16-doc?arch=ppc64le&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
|
pkg:rpm/opensuse/go1.16-doc?arch=aarch64&distro=opensuse-leap-15.3
|
< 1.16.6-1.20.1 |
- ID
- openSUSE-SU-2021:2392-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AKQH4LHYIFOWBEGMGHD7S7TTV7JL4U7W/
- Published
-
2021-07-19T06:50:28
(3 years ago) - Modified
-
2021-07-19T06:50:28
(3 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2021-1527
-
ALAS2-2021-1694
-
ALPINE:CVE-2021-34558
-
ALSA-2021:3076
-
ALSA-2021:4226
-
ALSA-2022:7954
-
ASA-202107-42
-
ELSA-2021-3076
-
ELSA-2021-4226
-
ELSA-2022-7954
-
ELSA-2024-2988
-
FEDORA-2021-07e4d20196
-
FEDORA-2021-1bfb61f77c
-
FEDORA-2021-25c0011e78
-
FEDORA-2021-3a55403080
-
FEDORA-2021-47d259d3cf
-
FEDORA-2021-54f88bebd4
-
FEDORA-2021-6ac9b98f9e
-
FEDORA-2021-c35235c250
-
FEDORA-2021-ffa749f7f7
-
FREEBSD:C365536D-E3CF-11EB-9D8D-B37B683944C2
-
GLSA-202208-02
-
GO-2021-0243
-
MS:CVE-2021-34558
-
openSUSE-SU-2021:1078-1
-
openSUSE-SU-2021:1079-1
-
openSUSE-SU-2021:2398-1
-
RHSA-2021:3076
-
RHSA-2021:4226
-
RHSA-2022:7954
-
RHSA-2024:2988
-
SUSE-SU-2021:2392-1
-
SUSE-SU-2021:2398-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for openSUSE-SU-2021:2392-1 |
|
|
| Suse | E-Mail link for openSUSE-SU-2021:2392-1 |
|
|
| Bugzilla | SUSE Bug 1182345 |
|
|
| Bugzilla | SUSE Bug 1188229 |
|
|
| CVE | SUSE CVE CVE-2021-34558 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/opensuse/go1.16?arch=x86_64&distro=opensuse-leap-15.3 | opensuse |
go1.16
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | x86_64 | |
| Affected | pkg:rpm/opensuse/go1.16?arch=s390x&distro=opensuse-leap-15.3 | opensuse |
go1.16
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | s390x | |
| Affected | pkg:rpm/opensuse/go1.16?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse |
go1.16
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | ppc64le | |
| Affected | pkg:rpm/opensuse/go1.16?arch=aarch64&distro=opensuse-leap-15.3 | opensuse |
go1.16
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | aarch64 | |
| Affected | pkg:rpm/opensuse/go1.16-race?arch=x86_64&distro=opensuse-leap-15.3 | opensuse |
go1.16-race
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | x86_64 | |
| Affected | pkg:rpm/opensuse/go1.16-race?arch=aarch64&distro=opensuse-leap-15.3 | opensuse |
go1.16-race
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | aarch64 | |
| Affected | pkg:rpm/opensuse/go1.16-doc?arch=x86_64&distro=opensuse-leap-15.3 | opensuse |
go1.16-doc
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | x86_64 | |
| Affected | pkg:rpm/opensuse/go1.16-doc?arch=s390x&distro=opensuse-leap-15.3 | opensuse |
go1.16-doc
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | s390x | |
| Affected | pkg:rpm/opensuse/go1.16-doc?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse |
go1.16-doc
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | ppc64le | |
| Affected | pkg:rpm/opensuse/go1.16-doc?arch=aarch64&distro=opensuse-leap-15.3 | opensuse |
go1.16-doc
|
< 1.16.6-1.20.1 | opensuse-leap-15.3 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |