Lucene search
OracleLinuxELSA-2024-6913HistorySep 23, 2024 - 12:00 a.m.
golang security update
2024-09-2300:00:00
linux.oracle.com
1
golang security update
version 1.21.13-3
cve fixes
rhel-58226
rhel-57962
rhel-57848
rhel-57865
rebase to go1.21.13
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.8
Confidence
Low
[1.21.13-3]
- Related: RHEL-58226
[1.21.13-2] - Rebuild Go with CVE Fixes
- Remove fix-memleak-setupRSA.patch (exists upstream)
- Resolves: RHEL-58226
- Resolves: RHEL-57962
- Resolves: RHEL-57848
- Resolves: RHEL-57865
[1.21.13-1] - Rebase to Go1.21.13 to pick the fix for CVE-2024-24791
- Technically Go1.21.12 contains the fix for the CVE but there was another
latest release so rebasing to that - Resolves: RHEL-53547
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 9 | src | golang | < 1.21.13-3.el9_4 | golang-1.21.13-3.el9_4.src.rpm |
| oracle linux | 9 | aarch64 | go-toolset | < 1.21.13-3.el9_4 | go-toolset-1.21.13-3.el9_4.aarch64.rpm |
| oracle linux | 9 | aarch64 | golang | < 1.21.13-3.el9_4 | golang-1.21.13-3.el9_4.aarch64.rpm |
| oracle linux | 9 | aarch64 | golang-bin | < 1.21.13-3.el9_4 | golang-bin-1.21.13-3.el9_4.aarch64.rpm |
| oracle linux | 9 | noarch | golang-docs | < 1.21.13-3.el9_4 | golang-docs-1.21.13-3.el9_4.noarch.rpm |
| oracle linux | 9 | noarch | golang-misc | < 1.21.13-3.el9_4 | golang-misc-1.21.13-3.el9_4.noarch.rpm |
| oracle linux | 9 | noarch | golang-src | < 1.21.13-3.el9_4 | golang-src-1.21.13-3.el9_4.noarch.rpm |
| oracle linux | 9 | noarch | golang-tests | < 1.21.13-3.el9_4 | golang-tests-1.21.13-3.el9_4.noarch.rpm |
| oracle linux | 9 | src | golang | < 1.21.13-3.el9_4 | golang-1.21.13-3.el9_4.src.rpm |
| oracle linux | 9 | x86_64 | go-toolset | < 1.21.13-3.el9_4 | go-toolset-1.21.13-3.el9_4.x86_64.rpm |
Related
almalinux
almalinux
Important: go-toolset:rhel8 security update
2024-09-23 00:00:00
Important: golang security update
2024-09-23 00:00:00
redhat
redhat
(RHSA-2024:6908) Important: go-toolset:rhel8 security update
2024-09-23 01:15:33
(RHSA-2024:6913) Important: golang security update
2024-09-23 01:15:40
(RHSA-2024:6914) Important: golang security update
2024-09-23 01:15:42
nessus
nessus
AlmaLinux 9 : golang (ALSA-2024:6913)
2024-09-25 00:00:00
RHEL 9 : golang (RHSA-2024:6913)
2024-09-23 00:00:00
AlmaLinux 8 : go-toolset:rhel8 (ALSA-2024:6908)
2024-09-25 00:00:00
osv
osv
Important: go-toolset:rhel8 security update
2024-09-23 00:00:00
Important: golang security update
2024-09-23 00:00:00
Security update for go1.23
2024-09-12 09:34:04
oraclelinux
oraclelinux
go-toolset:ol8 security update
2024-09-23 00:00:00
openvas
openvas
openSUSE: Security Advisory for go1.22 (SUSE-SU-2024:3213-1)
2024-09-13 00:00:00
openSUSE: Security Advisory for go1.23 (SUSE-SU-2024:3214-1)
2024-09-13 00:00:00
ibm
ibm
cve
cve
CVE-2024-24791
2024-07-02 22:15:04
redhatcve
redhatcve
CVE-2024-24791
2024-07-04 17:21:05
vulnrichment
vulnrichment
freebsd
freebsd
go -- net/http: denial of service due to improper 100-continue handling
2024-07-02 00:00:00
cbl_mariner
cbl_mariner
CVE-2024-24791 affecting package golang for versions less than 1.22.5-1
2024-09-30 14:02:03
CVSS3
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
AI Score
7.8
Confidence
Low
Related for ELSA-2024-6913