6 matches found
SUSE SLES15 Security Update : go1.26-openssl (SUSE-SU-2026:0993-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0993-1 advisory. Update to go 1.26.1 bsc1255111, jscSLE-18320: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. -...
SUSE-SU-2026:0976-1 Security update for go1.26-openssl
This update for go1.26-openssl fixes the following issues: Update to go 1.26.1 bsc1255111, jscSLE-18320: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. - CVE-2026-27138:...
Security update for go1.26
This update for go1.26 fixes the following issues: Update to go1.26.1 bsc1255111: CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. CVE-2026-27137: crypto/x509: incorrect enforcement of email constraints bsc1259266. CVE-2026-27138: crypto/x509: panic in name constraint...
SUSE-SU-2026:0875-1 Security update for go1.25
This update for go1.25 fixes the following issues: Update to go1.25.8 bsc1244485: - CVE-2026-25679: net/url: reject IPv6 literal not at start of host bsc1259264. - CVE-2026-27139: os: FileInfo can escape from a Root bsc1259268. - CVE-2026-27142: html/template: URLs in meta content attribute actio...
CVE-2026-27139 FileInfo can escape from a Root in os
On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...
GO-2026-4602 FileInfo can escape from a Root in os
On Unix platforms, when listing the contents of a directory using File.ReadDir or File.Readdir the returned FileInfo could reference a file outside of the Root in which the File was opened. The impact of this escape is limited to reading metadata provided by lstat from arbitrary locations on the...