4 matches found
golang: compress/gzip: stack exhaustion in Reader.Read
A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion...
golang: compress/gzip: stack exhaustion in Reader.Read
A flaw was found in golang. Calling the Reader, Read method on an archive that contains a large number of concatenated 0-length compressed files can cause a panic issue due to stack exhaustion...
MGASA-2021-0537 Updated golang packages fix security vulnerability
ImportedSymbols in debug/macho for Open or OpenFat in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation. CVE-2021-41771 Go before 1.16.10 and 1.17.x before 1.17.3 allows an archive/zip Reader.Open panic via a...
SUSE-SU-2021:2186-1 Security update for go1.16
This update for go1.16 fixes the following issues: Update to 1.16.5. Includes these security fixes - CVE-2021-33195: net: Lookup functions may return invalid host names bsc1187443. - CVE-2021-33196: archive/zip: malformed archive may cause panic or memory exhaustion bsc1186622. - CVE-2021-33197:...