Mageia: Security Advisory (MGASA-2017-0195)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Huawei EulerOS: Security Advisory for golang (EulerOS-SA-2017-1225)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 1.0: Cairo / Go / Libxml2 / Openvswitch PHSA-2017-0039 (deprecated)

An update of cairo,openvswitch,libxml2,go packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0039. The text itself is copyright C...

EulerOS 2.0 SP2 : golang (EulerOS-SA-2017-1225)

According to the version of the golang packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - A carry propagation flaw was found in the implementation of the P-256 elliptic curve in golang. An attacker could possibly use this flaw to extract...

CentOS 7 : golang (CESA-2017:1859)

An update for golang is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

golang security update

CentOS Errata and Security Advisory CESA-2017:1859 An update for golang is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Scientific Linux Security Update : golang on (20170801)

The following packages have been upgraded to a later upstream version: golang 1.8.3. Security Fixes : - A carry propagation flaw was found in the implementation of the P-256 elliptic curve in golang. An attacker could possibly use this flaw to extract private keys when static ECDH was used...

Oracle Linux 7 : golang (ELSA-2017-1859)

The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-1859 advisory. - fix CVE-2017-8932 Tenable has extracted the preceding description block directly from the Oracle Linux security advisory. Note that Nessus has not tested for...

golang security, bug fix, and enhancement update

1.8.3-1 - bump to 1.8.3 - fix CVE-2017-8932 - Resolves: rhbz1452616, rhbz1452241, rhbz1457169, rhbz1448346...

RHEL 7 : golang (RHSA-2017:1859)

An update for golang is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Fedora 26 : golang (2017-8f018a3d39)

Bump to 1.8.3 - Security fix for CVE-2017-8932 - add support for 28+bit OIDs in asn1 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible...

Amazon Linux AMI : golang (ALAS-2017-857)

Golang: Elliptic curves carry propagation issue in x86-64 P-256. A carry propagation flaw was found in the implementation of the P-256 elliptic curve in golang. An attacker could use this flaw to extract private keys when static ECDH is used. CVE-2017-8932 C Tenable Network Security, Inc. The...

Medium: golang

Issue Overview: Golang: Elliptic curves carry propagation issue in x86-64 P-256. A carry propagation flaw was found in the implementation of the P-256 elliptic curve in golang. An attacker could use this flaw to extract private keys when static ECDH is used. CVE-2017-8932 Affected Packages: golan...

CVE-2017-8932

A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by...

CVE-2017-8932

A bug in the standard library ScalarMult implementation of curve P-256 for amd64 architectures in Go before 1.7.6 and 1.8.x before 1.8.2 causes incorrect results to be generated for specific input points. An adaptive attack can be mounted to progressively extract the scalar input to ScalarMult by...

CVE-2017-8932

CVE-2017-8932 affects the Go standard library’s ScalarMult on the P-256 curve for amd64. The bug causes incorrect results for certain input points, enabling an adaptive attack that progressively extracts the scalar in the ScalarMult operation and can lead to a full key recovery for static ECDH as...

openSUSE Security Update : go (openSUSE-2017-719)

This update for go fixes the following issues : - CVE-2017-8932: Add patch to fix carry bug in x86-64 P-256 implementation boo1040618 Please note that go applications will need to be rebuilt to get this fix, as all go applications are statically linked. As we are regulary releasing updates to our...

MGASA-2017-0195 Updated golang packages fix security vulnerability

A carry propagation issue was found in the P-256 implementation for x86-64 in golang CVE-2017-8932...

OPENSUSE-SU-2017:1650-1 Security update for go

This update for go fixes the following issues: - CVE-2017-8932: Add patch to fix carry bug in x86-64 P-256 implementation boo1040618 Please note that go applications will need to be rebuilt to get this fix, as all go applications are statically linked. As we are regulary releasing updates to our...

Fedora 25 : golang (2017-278f46fcd6)

Bump to 1.7.6 - Security fix for CVE-2017-8932 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...