Huawei EulerOS: Security Advisory for screen (EulerOS-SA-2023-2709)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2023-312)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-312 advisory. On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or...

Security Bulletin: IBM Event Streams is affected by multiple vulnerabilities in Golang Go

Summary Vulnerabilities in golang before 1.19.10 affect the golang component that is used by IBM Event Streams CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405. These vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2023-29403 DESCRIPTION: Golang Go could allow a...

Important: golang

Issue Overview: RESERVED NOTE: https://groups.google.com/g/golang-announce/c/V0aBFqaFsE CVE-2022-41724 Golang: net/http, mime/multipart: denial of service from excessive resource consumption https://groups.google.com/g/golang-announce/c/V0aBFqaFsE CVE-2022-41725 The ScalarMult and ScalarBaseMult...

Fedora 38 : golang (2023-eb60fcd505)

The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-eb60fcd505 advisory. This update includes a security fix to the net/http package, as well as bug fixes to the compiler, cgo, the cover tool, the go command, the runtime,...

EulerOS 2.0 SP10 : screen (EulerOS-SA-2023-2393)

According to the versions of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users...

EulerOS 2.0 SP9 : screen (EulerOS-SA-2023-2342)

According to the versions of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users...

EulerOS 2.0 SP9 : screen (EulerOS-SA-2023-2322)

According to the versions of the screen package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - socket.c in GNU Screen through 4.9.0, when installed setuid or setgid the default on platforms such as Arch Linux and FreeBSD, allows local users...

RLSA-2023:3923 Critical: go-toolset and golang security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang:...

go-toolset and golang security update

An update is available for go-toolset, golang. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Go Toolset provides the Go programming language tools and librarie...

Rocky Linux 9 : go-toolset and golang (RLSA-2023:3923)

The remote Rocky Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:3923 advisory. - The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses...

Oracle Linux 9 : go-toolset / and / golang (ELSA-2023-3923)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3923 advisory. - New Go version 1.19.10 CVE-2023-29402 CVE-2023-29403 CVE-2023-29404 CVE-2023-29405 go-toolset Tenable has extracted the preceding description block...

Oracle Linux 8 : go-toolset:ol8 (ELSA-2023-3922)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-3922 advisory. - New Go version 1.19.10 CVE-2023-29402 CVE-2023-29403 CVE-2023-29404 CVE-2023-29405 go-toolset Tenable has extracted the preceding description block...

AlmaLinux 9 : go-toolset and golang (ALSA-2023:3923)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3923 advisory. - The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses cg...

Critical: Red Hat Security Advisory: go-toolset:rhel8 security update

An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

golang: runtime: unexpected behavior of setuid/setgid binaries

On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state or assuming the status of standard I/O file descriptors. If a setuid/setgid binary is executed with standard I/...

AlmaLinux 8 : go-toolset:rhel8 (ALSA-2023:3922)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:3922 advisory. golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary code ...

ALSA-2023:3923 Critical: go-toolset and golang security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The golang packages provide the Go programming language compiler. Security Fixes: golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang:...

CentOS 8 : go-toolset:rhel8 (CESA-2023:3922)

The remote CentOS Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the CESA-2023:3922 advisory. - The go command may generate unexpected code at build time when using cgo. This may result in unexpected behavior when running a go program which uses...

ALSA-2023:3922 Critical: go-toolset:rhel8 security update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fixes: golang: cmd/go: go command may generate unexpected code at build time when using cgo CVE-2023-29402 golang: cmd/go: go command may execute arbitrary code at build time when...