[SUSE-SU-2024:1573-1] Security update for go1.22
Severity
Moderate
CVEs
2
Security update for go1.22
This update for go1.22 fixes the following issues:
Update to go1.22.3:
- CVE-2024-24787: cmd/go: arbitrary code execution during build on darwin (bsc#1224017)
- CVE-2024-24788: net: high cpu usage in extractExtendedRCode (bsc#1224018)
- cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le
- cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE
- runtime: deterministic fallback hashes across process boundary
- net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net@v0.23.0
- ID
- SUSE-SU-2024:1573-1
- Severity
- moderate
- URL
- https://www.suse.com/support/update/announcement/2024/suse-su-20241573-1/
- Published
-
2024-05-09T11:18:26
(4 months ago) - Modified
-
2024-05-09T11:18:26
(4 months ago) - Rights
- Copyright 2024 SUSE LLC. All rights reserved.
- Other Advisories
ALPINE:CVE-2024-24788
ALSA-2024:5291
ELSA-2024-5291
FREEBSD:D3847EBA-114B-11EF-9C21-901B0E9408DC
GLSA-202408-07
GO-2024-2824
RHSA-2024:5291
USN-6886-1| Source | # ID | Name | URL |
|---|---|---|---|
| Suse | SUSE ratings |
|
|
| Suse | URL of this CSAF notice |
|
|
| Suse | URL for SUSE-SU-2024:1573-1 |
|
|
| Suse | E-Mail link for SUSE-SU-2024:1573-1 |
|
|
| Bugzilla | SUSE Bug 1218424 |
|
|
| Bugzilla | SUSE Bug 1224017 |
|
|
| Bugzilla | SUSE Bug 1224018 |
|
|
| CVE | SUSE CVE CVE-2024-24787 page |
|
|
| CVE | SUSE CVE CVE-2024-24788 page |
|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |