BELL-CVE-2018-6574 CVE-2018-6574 does not affect BellSoft software

Bulletin has no description...

Mageia: Security Advisory (MGASA-2018-0144)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2020-2078)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP3 : golang (EulerOS-SA-2020-2078)

According to the versions of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Go before 1.13.13 and 1.14.x before 1.14.5 has a data race in some net/http servers, as demonstrated by the httputil.ReverseProxy Handler, becau...

Photon OS 2.0: Go PHSA-2018-2.0-0026

An update of the go package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0026. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121926;...

Photon OS 2.0 : systemd / go (PhotonOS-PHSA-2018-2.0-0026) (deprecated)

An update of 'systemd', 'go' packages of Photon OS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-2.0-0026. The text itself is copyright C VMware,...

Amazon Linux 2 : golang (ALAS-2018-1011)

Arbitrary code execution during go get or go get -d Go before 1.8.4 and 1.9.x before 1.9.1 allows 'go get' remote command execution. Using custom domains, it is possible to arrange things so that example.com/pkg1 points to a Subversion repository but example.com/pkg1/pkg2 points to a Git...

RHEL 7 : go-toolset-7 and go-toolset-7-golang (RHSA-2018:1304)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:1304 advisory. Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been upgraded t...

Moderate: Red Hat Security Advisory: go-toolset-7 and go-toolset-7-golang security and bug fix update

An update for go-toolset-7 and go-toolset-7-golang is now available for Red Hat Developer Tools. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Scientific Linux Security Update : golang on SL7.x (noarch) (20180410)

The following packages have been upgraded to a later upstream version: golang 1.9.4. Security Fixes : - golang: arbitrary code execution during 'go get' or 'go get -d' CVE-2017-15041 - golang: smtp.PlainAuth susceptible to man-in-the-middle password harvesting CVE-2017-15042 - golang: arbitrary...

CentOS 7 : golang (CESA-2018:0878)

An update for golang is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Moderate: Red Hat Security Advisory: golang security, bug fix, and enhancement update

An update for golang is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Exploit for Code Injection in Golang Go

c...

Amazon Linux AMI : golang (ALAS-2018-975)

Arbitrary code execution during 'go get' via C compiler options : An arbitrary command execution flaw was found in the way Go's 'go get' command handled gcc and clang sensitive options during the build. A remote attacker capable of hosting malicious repositories could potentially use this flaw to...

Medium: golang

Issue Overview: Arbitrary code execution during "go get" via C compiler options: An arbitrary command execution flaw was found in the way Go's "go get" command handled gcc and clang sensitive options during the build. A remote attacker capable of hosting malicious repositories could potentially u...

openSUSE Security Update : go1.8 (openSUSE-2018-235)

This update for go1.8 fixes the following issues : Security issues fixed : - CVE-2018-6574: 'go get' allows for remote command execution during source code build bsc1080006. Bug fixes : - bsc1082409: Review dependencies requires, recommends and supports This update was imported from the...

Fedora 26 : golang (2018-6f08b79a09)

Security fix for CVE-2018-6574 - Rebase to latest point release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...

Updated golang packages fix security vulnerability

Updated golang packages fix security vulnerabilities: Go before 1.9.4 allows "go get" remote command execution during source code build, by leveraging the gcc or clang plugin feature, because -fplugin= and -plugin= arguments were not blocked CVE-2018-6574...

Fedora Update for golang FEDORA-2018-5562b6e2c0

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 27 : golang (2018-5562b6e2c0)

Security fix for CVE-2018-6574 - Rebase to latest point release Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...