[SECURITY] Fedora 37 Update: golang-1.19.13-1.fc37

The Go Programming Language...

The vulnerability in the golang.org/x/crypto/ssh library for the Go programming language allows a attacker to cause SSH servers to fail.

The vulnerability of the golang.org/x/crypto/ssh library in the Go programming language is related to pointer arithmetic errors. Exploiting this vulnerability could allow an attacker to cause SSH servers to fail...

PT-2023-36259 · Go +1 · Go +1

Name of the Vulnerable Software and Affected Versions: rekor affected versions not specified Description: The issue is related to a security release in the Go programming language, specifically version 1.21. The rekor package has been rebuilt with this security release to address the issue. There...

PT-2023-36261 · Skopeo · Skopeo

Name of the Vulnerable Software and Affected Versions: skopeo affected versions not specified Description: The issue is related to a security release in the Go programming language, version 1.21. The skopeo package has been rebuilt with this security release to address the issue. There is no...

PT-2023-36254 · Google +1 · Go +1

Name of the Vulnerable Software and Affected Versions: amazon-ecs-init affected versions not specified Description: The issue is related to a security release in the Go programming language, version 1.21. The update of amazon-ecs-init is intended to address this issue by rebuilding the package wi...

PT-2023-9455 · Go +7 · Go +7

Name of the Vulnerable Software and Affected Versions: Go affected versions not specified Description: The issue is related to the processing of incomplete post-handshake messages for QUIC connections, which can cause a panic. Additionally, there is a vulnerability in the HandleData function of t...

OESA-2023-1501 golang security update

The Go Programming Language. Security Fixes: The HTTP/1 client does not fully validate the contents of the Host header. A maliciously crafted Host header can inject additional headers or entire requests. With fix, the HTTP/1 client now refuses to send requests containing an invalid Request.Host o...

[SECURITY] Fedora 37 Update: golang-1.19.12-1.fc37

The Go Programming Language...

[SECURITY] Fedora 38 Update: golang-1.20.7-1.fc38

The Go Programming Language...

PT-2023-36216 · Google +1 · Go +1

Name of the Vulnerable Software and Affected Versions: amazon-ecs-init affected versions not specified Description: The issue is related to a security release in the Go programming language, version 1.20. The update of amazon-ecs-init is intended to address this issue by rebuilding the package wi...

PT-2023-36212 · Hashicorp · Terraform-Provider-Helm

Name of the Vulnerable Software and Affected Versions: terraform-provider-helm affected versions not specified Description: The issue is related to a security release in the Go programming language, version 1.20. The terraform-provider-helm package has been rebuilt to incorporate this security...

PT-2023-36207 · Rekor · Rekor

Name of the Vulnerable Software and Affected Versions: rekor affected versions not specified Description: The issue is related to a security release in the Go programming language, specifically version 1.20. The problem is addressed by rebuilding the rekor package with this security release...

PT-2023-36211 · Hashicorp · Terraform-Provider-Aws

Name of the Vulnerable Software and Affected Versions: terraform-provider-aws affected versions not specified Description: The issue is related to a security release in the Go programming language, version 1.20. The terraform-provider-aws package has been rebuilt to incorporate this security...

PT-2023-36206 · Buildah +1 · Buildah +1

Name of the Vulnerable Software and Affected Versions: buildah affected versions not specified Description: The issue is related to a security release in the Go programming language, version 1.20. The buildah package has been rebuilt with this security release to address the issue. There is no...

SUSE-SU-2023:2297-2 Security update for golang-github-vpenso-prometheus_slurm_exporter

This update of golang-github-vpenso-prometheusslurmexporter fixes the following issues: - rebuild the package with the go 1.19 security release bsc1200441 bsc1209658...

Fedora: Security Advisory for golang (FEDORA-2023-802ea02cf1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

The vulnerability of the Cgo module in the Go programming language, allowing attackers to execute arbitrary code

The vulnerability of the Cgo module in the Go programming language is related to incorrect code generation during the processing of directory names. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

USN-5725-2 golang-1.13 vulnerability

USN-5725-1 fixed a vulnerability in Go. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker could possibly use this...

Fedora: Security Advisory for golang (FEDORA-2023-12504e8774)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

PT-2023-36175 · Unknown · Kubernetes Containerd

Name of the Vulnerable Software and Affected Versions: containerd affected versions not specified Description: The issue is related to rebuilding containerd with a current version of go to catch up on bugfixes and security fixes. There is no information provided about the estimated number of...