[SUSE-SU-2023:4931-1] Security update for go1.21-openssl
Severity
Important
Affected Packages
24
CVEs
3
Security update for go1.21-openssl
This update for go1.21-openssl fixes the following issues:
Update to version 1.21.5.1:
- CVE-2023-45285: cmd/go: git VCS qualifier in module path uses git:// scheme (bsc#1217834).
- CVE-2023-45284: path/filepath: Clean removes ending slash for volume on Windows in Go 1.21.4 (bsc#1216943).
- CVE-2023-39326: net/http: limit chunked data overhead (bsc#1217833).
- cmd/go: go mod download needs to support toolchain upgrades
- cmd/compile: invalid pointer found on stack when compiled with -race
- os: NTFS deduped file changed from regular to irregular
- net: TCPConn.ReadFrom hangs when io.Reader is TCPConn or UnixConn, Linux kernel < 5.1
- cmd/compile: internal compiler error: panic during prove while compiling: unexpected induction with too many parents
- syscall: TestOpenFileLimit unintentionally runs on non-Unix platforms
- runtime: self-deadlock on mheap_.lock
- crypto/rand: Legacy RtlGenRandom use on Windows
- ID
- SUSE-SU-2023:4931-1
- Severity
- important
- URL
- https://www.suse.com/support/update/announcement/2023/suse-su-20234931-1/
- Published
-
2023-12-20T14:25:49
(9 months ago) - Modified
-
2023-12-20T14:25:49
(9 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
-
-
ALAS-2024-1903
-
ALAS-2024-1920
-
ALAS2-2024-2388
-
ALAS2-2024-2424
-
ALAS2-2024-2446
-
ALAS2-2024-2458
-
ALAS2-2024-2543
-
ALAS2-2024-2556
-
ALAS2-2024-2618
-
ALPINE:CVE-2023-39326
-
ALSA-2024:0748
-
ALSA-2024:0887
-
ALSA-2024:1131
-
ALSA-2024:1149
-
ALSA-2024:2160
-
ALSA-2024:2193
-
ALSA-2024:2245
-
ALSA-2024:2272
-
ELSA-2024-0887
-
ELSA-2024-1131
-
ELSA-2024-1149
-
ELSA-2024-12189
-
ELSA-2024-12190
-
ELSA-2024-12191
-
ELSA-2024-12225
-
ELSA-2024-12226
-
ELSA-2024-12261
-
ELSA-2024-12262
-
ELSA-2024-12263
-
ELSA-2024-12264
-
ELSA-2024-2193
-
ELSA-2024-2245
-
ELSA-2024-2272
-
ELSA-2024-2988
-
FEDORA-2024-193547def8
-
GLSA-202408-07
-
GO-2023-2186
-
GO-2023-2382
-
GO-2023-2383
-
RHSA-2024:0748
-
RHSA-2024:0887
-
RHSA-2024:1131
-
RHSA-2024:1149
-
RHSA-2024:1244
-
RHSA-2024:2160
-
RHSA-2024:2193
-
RHSA-2024:2245
-
RHSA-2024:2272
-
RHSA-2024:2988
-
SUSE-SU-2023:4469-1
-
SUSE-SU-2023:4470-1
-
SUSE-SU-2023:4471-1
-
SUSE-SU-2023:4472-1
-
SUSE-SU-2023:4708-1
-
SUSE-SU-2023:4709-1
-
SUSE-SU-2023:4930-1
-
USN-6574-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2023:4931-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2023:4931-1 |
|
|
| Bugzilla | SUSE Bug 1212475 |
|
|
| Bugzilla | SUSE Bug 1216943 |
|
|
| Bugzilla | SUSE Bug 1217833 |
|
|
| Bugzilla | SUSE Bug 1217834 |
|
|
| CVE | SUSE CVE CVE-2023-39326 page |
|
|
| CVE | SUSE CVE CVE-2023-45284 page |
|
|
| CVE | SUSE CVE CVE-2023-45285 page |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/suse/go1.21-openssl?arch=x86_64&distro=opensuse-leap-15.5 | suse |
 go1.21-openssl
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/go1.21-openssl?arch=x86_64&distro=opensuse-leap-15.4 | suse |
go1.21-openssl
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/go1.21-openssl?arch=s390x&distro=opensuse-leap-15.5 | suse |
go1.21-openssl
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/go1.21-openssl?arch=s390x&distro=opensuse-leap-15.4 | suse |
go1.21-openssl
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/go1.21-openssl?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
go1.21-openssl
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/go1.21-openssl?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
go1.21-openssl
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/go1.21-openssl?arch=aarch64&distro=opensuse-leap-15.5 | suse |
go1.21-openssl
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/go1.21-openssl?arch=aarch64&distro=opensuse-leap-15.4 | suse |
go1.21-openssl
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/go1.21-openssl-race?arch=x86_64&distro=opensuse-leap-15.5 | suse |
go1.21-openssl-race
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/go1.21-openssl-race?arch=x86_64&distro=opensuse-leap-15.4 | suse |
go1.21-openssl-race
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/go1.21-openssl-race?arch=s390x&distro=opensuse-leap-15.5 | suse |
go1.21-openssl-race
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/go1.21-openssl-race?arch=s390x&distro=opensuse-leap-15.4 | suse |
go1.21-openssl-race
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/go1.21-openssl-race?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
go1.21-openssl-race
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/go1.21-openssl-race?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
go1.21-openssl-race
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/go1.21-openssl-race?arch=aarch64&distro=opensuse-leap-15.5 | suse |
go1.21-openssl-race
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/go1.21-openssl-race?arch=aarch64&distro=opensuse-leap-15.4 | suse |
go1.21-openssl-race
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | aarch64 | |
| Affected | pkg:rpm/suse/go1.21-openssl-doc?arch=x86_64&distro=opensuse-leap-15.5 | suse |
go1.21-openssl-doc
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | x86_64 | |
| Affected | pkg:rpm/suse/go1.21-openssl-doc?arch=x86_64&distro=opensuse-leap-15.4 | suse |
go1.21-openssl-doc
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | x86_64 | |
| Affected | pkg:rpm/suse/go1.21-openssl-doc?arch=s390x&distro=opensuse-leap-15.5 | suse |
go1.21-openssl-doc
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | s390x | |
| Affected | pkg:rpm/suse/go1.21-openssl-doc?arch=s390x&distro=opensuse-leap-15.4 | suse |
go1.21-openssl-doc
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | s390x | |
| Affected | pkg:rpm/suse/go1.21-openssl-doc?arch=ppc64le&distro=opensuse-leap-15.5 | suse |
go1.21-openssl-doc
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | ppc64le | |
| Affected | pkg:rpm/suse/go1.21-openssl-doc?arch=ppc64le&distro=opensuse-leap-15.4 | suse |
go1.21-openssl-doc
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | ppc64le | |
| Affected | pkg:rpm/suse/go1.21-openssl-doc?arch=aarch64&distro=opensuse-leap-15.5 | suse |
go1.21-openssl-doc
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.5 | aarch64 | |
| Affected | pkg:rpm/suse/go1.21-openssl-doc?arch=aarch64&distro=opensuse-leap-15.4 | suse |
go1.21-openssl-doc
|
< 1.21.5.1-150000.1.8.1 | opensuse-leap-15.4 | aarch64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |