[openSUSE-SU-2021:2392-1] Security update for go1.16
Severity
Important
Affected Packages
10
CVEs
1
Security update for go1.16
This update for go1.16 fixes the following issues:
go1.16.6 (released 2021-07-12, bsc#1182345) includes a security fix to the
crypto/tls package, as well as bug fixes to the compiler, and the
net and net/http packages.
Security issue fixed:
CVE-2021-34558: Fixed crypto/tls: clients can panic when provided a certificate of the wrong type for the negotiated parameters (bsc#1188229)
go1.16 release:
- bsc#1188229 go#47143 CVE-2021-34558
- go#47145 security: fix CVE-2021-34558
- go#46999 net: LookupMX behaviour broken
- go#46981 net: TestCVE202133195 fails if /etc/resolv.conf specifies ndots larger than 3
- go#46769 syscall: TestGroupCleanupUserNamespace test failure on Fedora
- go#46657 runtime: deeply nested struct initialized with non-zero values
- go#44984 net/http: server not setting Content-Length in certain cases
Package | Affected Version |
---|---|
pkg:rpm/opensuse/go1.16?arch=x86_64&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
pkg:rpm/opensuse/go1.16?arch=s390x&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
pkg:rpm/opensuse/go1.16?arch=ppc64le&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
pkg:rpm/opensuse/go1.16?arch=aarch64&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
pkg:rpm/opensuse/go1.16-race?arch=x86_64&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
pkg:rpm/opensuse/go1.16-race?arch=aarch64&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
pkg:rpm/opensuse/go1.16-doc?arch=x86_64&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
pkg:rpm/opensuse/go1.16-doc?arch=s390x&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
pkg:rpm/opensuse/go1.16-doc?arch=ppc64le&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
pkg:rpm/opensuse/go1.16-doc?arch=aarch64&distro=opensuse-leap-15.3 | < 1.16.6-1.20.1 |
- ID
- openSUSE-SU-2021:2392-1
- Severity
- important
- URL
- https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AKQH4LHYIFOWBEGMGHD7S7TTV7JL4U7W/
- Published
-
2021-07-19T06:50:28
(3 years ago) - Modified
-
2021-07-19T06:50:28
(3 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
- ALAS-2021-1527
- ALAS2-2021-1694
- ALPINE:CVE-2021-34558
- ALSA-2021:3076
- ALSA-2021:4226
- ALSA-2022:7954
- ASA-202107-42
- ELSA-2021-3076
- ELSA-2021-4226
- ELSA-2022-7954
- ELSA-2024-2988
- FEDORA-2021-07e4d20196
- FEDORA-2021-1bfb61f77c
- FEDORA-2021-25c0011e78
- FEDORA-2021-3a55403080
- FEDORA-2021-47d259d3cf
- FEDORA-2021-54f88bebd4
- FEDORA-2021-6ac9b98f9e
- FEDORA-2021-c35235c250
- FEDORA-2021-ffa749f7f7
- FREEBSD:C365536D-E3CF-11EB-9D8D-B37B683944C2
- GLSA-202208-02
- GO-2021-0243
- MS:CVE-2021-34558
- openSUSE-SU-2021:1078-1
- openSUSE-SU-2021:1079-1
- openSUSE-SU-2021:2398-1
- RHSA-2021:3076
- RHSA-2021:4226
- RHSA-2022:7954
- RHSA-2024:2988
- SUSE-SU-2021:2392-1
- SUSE-SU-2021:2398-1
Source | # ID | Name | URL |
---|---|---|---|
Suse | SUSE ratings | https://www.suse.com/support/security/rating/ | |
Suse | URL of this CSAF notice | https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2021_2392-1.json | |
Suse | URL for openSUSE-SU-2021:2392-1 | https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AKQH4LHYIFOWBEGMGHD7S7TTV7JL4U7W/ | |
Suse | E-Mail link for openSUSE-SU-2021:2392-1 | https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/AKQH4LHYIFOWBEGMGHD7S7TTV7JL4U7W/ | |
Bugzilla | SUSE Bug 1182345 | https://bugzilla.suse.com/1182345 | |
Bugzilla | SUSE Bug 1188229 | https://bugzilla.suse.com/1188229 | |
CVE | SUSE CVE CVE-2021-34558 page | https://www.suse.com/security/cve/CVE-2021-34558/ |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/opensuse/go1.16?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | go1.16 | < 1.16.6-1.20.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/go1.16?arch=s390x&distro=opensuse-leap-15.3 | opensuse | go1.16 | < 1.16.6-1.20.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/go1.16?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | go1.16 | < 1.16.6-1.20.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/go1.16?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | go1.16 | < 1.16.6-1.20.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/go1.16-race?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | go1.16-race | < 1.16.6-1.20.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/go1.16-race?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | go1.16-race | < 1.16.6-1.20.1 | opensuse-leap-15.3 | aarch64 | |
Affected | pkg:rpm/opensuse/go1.16-doc?arch=x86_64&distro=opensuse-leap-15.3 | opensuse | go1.16-doc | < 1.16.6-1.20.1 | opensuse-leap-15.3 | x86_64 | |
Affected | pkg:rpm/opensuse/go1.16-doc?arch=s390x&distro=opensuse-leap-15.3 | opensuse | go1.16-doc | < 1.16.6-1.20.1 | opensuse-leap-15.3 | s390x | |
Affected | pkg:rpm/opensuse/go1.16-doc?arch=ppc64le&distro=opensuse-leap-15.3 | opensuse | go1.16-doc | < 1.16.6-1.20.1 | opensuse-leap-15.3 | ppc64le | |
Affected | pkg:rpm/opensuse/go1.16-doc?arch=aarch64&distro=opensuse-leap-15.3 | opensuse | go1.16-doc | < 1.16.6-1.20.1 | opensuse-leap-15.3 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |