[SUSE-SU-2022:2671-1] Security update for go1.17
Severity
Important
Affected Packages
32
CVEs
10
Security update for go1.17
This update for go1.17 fixes the following issues:
Update to go version 1.17.13 (bsc#1190649):
- CVE-2022-32189: encoding/gob, math/big: decoding big.Float and big.Rat can panic (bsc#1202035).
- CVE-2022-30635: encoding/gob: stack exhaustion in Decoder.Decode (bsc#1201444).
- CVE-2022-30631: compress/gzip: stack exhaustion in Reader.Read (bsc#1201437).
- CVE-2022-1962: go/parser: stack exhaustion in all Parse* functions (bsc#1201448).
- CVE-2022-28131: encoding/xml: stack exhaustion in Decoder.Skip (bsc#1201443).
- CVE-2022-1705: net/http: improper sanitization of Transfer-Encoding header (bsc#1201434)
- CVE-2022-30630: io/fs: stack exhaustion in Glob (bsc#1201447).
- CVE-2022-32148: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (bsc#1201436)
- CVE-2022-30632: path/filepath: stack exhaustion in Glob (bsc#1201445).
- CVE-2022-30633: encoding/xml: stack exhaustion in Unmarshal (bsc#1201440).
- ID
- SUSE-SU-2022:2671-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2022/suse-su-20222671-1/
- Published
-
2022-08-04T12:05:44
(2 years ago) - Modified
-
2022-08-04T12:05:44
(2 years ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2022-1635
-
ALAS-2023-1731
-
ALAS2-2022-1846
-
ALAS2-2022-1847
-
ALAS2-2022-1858
-
ALAS2-2022-1859
-
ALAS2-2022-1860
-
ALAS2-2022-1861
-
ALAS2-2022-1862
-
ALAS2-2022-1863
-
ALAS2-2022-1864
-
ALAS2-2022-1865
-
ALPINE:CVE-2022-1705
-
ALPINE:CVE-2022-1962
-
ALPINE:CVE-2022-28131
-
ALPINE:CVE-2022-30630
-
ALPINE:CVE-2022-30631
-
ALPINE:CVE-2022-30632
-
ALPINE:CVE-2022-30633
-
ALPINE:CVE-2022-30635
-
ALPINE:CVE-2022-32148
-
ALPINE:CVE-2022-32189
-
ALSA-2022:5775
-
ALSA-2022:5799
-
ALSA-2022:7129
-
ALSA-2022:7519
-
ALSA-2022:7529
-
ALSA-2022:7548
-
ALSA-2022:7648
-
ALSA-2022:7950
-
ALSA-2022:8057
-
ALSA-2022:8098
-
ALSA-2022:8250
-
ALSA-2023:2193
-
ALSA-2023:2236
-
ALSA-2023:2357
-
ALSA-2023:2758
-
ALSA-2023:2802
-
ALSA-2024:2180
-
ELSA-2022-20693
-
ELSA-2022-20694
-
ELSA-2022-23681
-
ELSA-2022-24267
-
ELSA-2022-5775
-
ELSA-2022-5799
-
ELSA-2022-7129
-
ELSA-2022-7519
-
ELSA-2022-7529
-
ELSA-2022-7548
-
ELSA-2022-7648
-
ELSA-2022-7950
-
ELSA-2022-8057
-
ELSA-2022-8250
-
ELSA-2023-2357
-
ELSA-2023-2758
-
ELSA-2023-2802
-
ELSA-2024-2180
-
FEDORA-2022-1f829990f0
-
FEDORA-2022-30c5ed5625
-
FREEBSD:7F8D5435-125A-11ED-9A69-10C37B4AC2EA
-
FREEBSD:A4F2416C-02A0-11ED-B817-10C37B4AC2EA
-
GLSA-202208-02
-
GO-2022-0515
-
GO-2022-0520
-
GO-2022-0521
-
GO-2022-0522
-
GO-2022-0523
-
GO-2022-0524
-
GO-2022-0525
-
GO-2022-0526
-
GO-2022-0527
-
GO-2022-0537
-
MS:CVE-2022-1705
-
MS:CVE-2022-1962
-
MS:CVE-2022-28131
-
MS:CVE-2022-30630
-
MS:CVE-2022-30631
-
MS:CVE-2022-30632
-
MS:CVE-2022-30633
-
MS:CVE-2022-30635
-
MS:CVE-2022-32148
-
MS:CVE-2022-32189
-
RHSA-2022:5775
-
RHSA-2022:5799
-
RHSA-2022:7129
-
RHSA-2022:7519
-
RHSA-2022:7529
-
RHSA-2022:7548
-
RHSA-2022:7648
-
RHSA-2022:7950
-
RHSA-2022:8057
-
RHSA-2022:8098
-
RHSA-2022:8250
-
RHSA-2023:0328
-
RHSA-2023:0446
-
RHSA-2023:2193
-
RHSA-2023:2236
-
RHSA-2023:2357
-
RHSA-2023:2758
-
RHSA-2023:2802
-
RHSA-2024:2180
-
RLSA-2022:5775
-
RLSA-2022:7129
-
RLSA-2022:7519
-
RLSA-2022:7529
-
RLSA-2022:7548
-
RLSA-2022:7648
-
RLSA-2022:7950
-
RLSA-2022:8057
-
RLSA-2022:8098
-
RLSA-2022:8250
-
SUSE-SU-2022:2672-1
-
SUSE-SU-2023:2312-1
-
USN-6038-1
-
USN-6038-2
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/go1.17?arch=x86_64&distro=sles-15&sp=2 | suse |
 go1.17
|
< 1.17.13-150000.1.42.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/go1.17?arch=x86_64&distro=opensuse-leap-15.4 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/go1.17?arch=x86_64&distro=opensuse-leap-15.3 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | x86_64 | |
| Affected | pkg:rpm/suse/go1.17?arch=s390x&distro=sles-15&sp=2 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/go1.17?arch=s390x&distro=opensuse-leap-15.4 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/go1.17?arch=s390x&distro=opensuse-leap-15.3 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | s390x | |
| Affected | pkg:rpm/suse/go1.17?arch=ppc64le&distro=sles-15&sp=2 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/go1.17?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/go1.17?arch=ppc64le&distro=opensuse-leap-15.3 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | ppc64le | |
| Affected | pkg:rpm/suse/go1.17?arch=i586&distro=opensuse-leap-15.3 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | i586 | |
| Affected | pkg:rpm/suse/go1.17?arch=aarch64&distro=sles-15&sp=2 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/go1.17?arch=aarch64&distro=opensuse-leap-15.4 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/go1.17?arch=aarch64&distro=opensuse-leap-15.3 | suse |
go1.17
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | aarch64 | |
| Affected | pkg:rpm/suse/go1.17-race?arch=x86_64&distro=sles-15&sp=2 | suse |
go1.17-race
|
< 1.17.13-150000.1.42.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/go1.17-race?arch=x86_64&distro=opensuse-leap-15.4 | suse |
go1.17-race
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/go1.17-race?arch=x86_64&distro=opensuse-leap-15.3 | suse |
go1.17-race
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | x86_64 | |
| Affected | pkg:rpm/suse/go1.17-race?arch=aarch64&distro=sles-15&sp=2 | suse |
go1.17-race
|
< 1.17.13-150000.1.42.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/go1.17-race?arch=aarch64&distro=opensuse-leap-15.4 | suse |
go1.17-race
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/go1.17-race?arch=aarch64&distro=opensuse-leap-15.3 | suse |
go1.17-race
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | aarch64 | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=x86_64&distro=sles-15&sp=2 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | sles-15 | x86_64 | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=x86_64&distro=opensuse-leap-15.4 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=x86_64&distro=opensuse-leap-15.3 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | x86_64 | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=s390x&distro=sles-15&sp=2 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | sles-15 | s390x | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=s390x&distro=opensuse-leap-15.4 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=s390x&distro=opensuse-leap-15.3 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | s390x | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=ppc64le&distro=sles-15&sp=2 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | sles-15 | ppc64le | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=ppc64le&distro=opensuse-leap-15.3 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | ppc64le | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=i586&distro=opensuse-leap-15.3 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | i586 | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=aarch64&distro=sles-15&sp=2 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | sles-15 | aarch64 | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=aarch64&distro=opensuse-leap-15.4 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/go1.17-doc?arch=aarch64&distro=opensuse-leap-15.3 | suse |
go1.17-doc
|
< 1.17.13-150000.1.42.1 | opensuse-leap-15.3 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |