Lucene search
SuseOPENSUSE-SU-2018:4181-1HistoryDec 19, 2018 - 12:09 p.m.
Security update for go1.11 (important)
2018-12-1912:09:04
lists.opensuse.org
68
0.491 Medium
EPSS
Percentile
97.2%
This new package for go1.11 fixes the following issues:
Security issues fixed:
- CVE-2018-16873: Fixed a remote code execution in go get, when executed
with the -u flag (bsc#1118897) - CVE-2018-16874: Fixed an arbitrary filesystem write in go get, which
could lead to code execution (bsc#1118898) - CVE-2018-16875: Fixed a Denial of Service in the crypto/x509 package
during certificate chain validation(bsc#1118899)
Non-security issues fixed:
- Fixed build error with PIE linker flags on ppc64le (bsc#1113978
bsc#1098017) - Make profile.d/go.sh no longer set GOROOT=, in order to make switching
between versions no longer break. This ends up removing the need for
go.sh entirely (because GOPATH is also set automatically) (bsc#1119634)
The following tracked regression fix is included:
- Fix a regression that broke go get for import path patterns containing
"…" (bsc#1119706)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| openSUSE Leap | 42.3 | i586 | go1.11-doc | < 1.11.4-2.1 | go1.11-doc-1.11.4-2.1.i586.rpm |
| openSUSE Leap | 15.0 | x86_64 | go1.11-doc | < 1.11.4-lp150.2.1 | go1.11-doc-1.11.4-lp150.2.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | go1.11-doc | < 1.11.4-2.1 | go1.11-doc-1.11.4-2.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | go1.11 | < 1.11.4-lp150.2.1 | go1.11-1.11.4-lp150.2.1.x86_64.rpm |
| openSUSE Leap | 42.3 | i586 | go1.11 | < 1.11.4-2.1 | go1.11-1.11.4-2.1.i586.rpm |
| openSUSE Leap | 42.3 | x86_64 | go1.11-race | < 1.11.4-2.1 | go1.11-race-1.11.4-2.1.x86_64.rpm |
| openSUSE Leap | 42.3 | x86_64 | go1.11 | < 1.11.4-2.1 | go1.11-1.11.4-2.1.x86_64.rpm |
| openSUSE Leap | 15.0 | x86_64 | go1.11-race | < 1.11.4-lp150.2.1 | go1.11-race-1.11.4-lp150.2.1.x86_64.rpm |
Related
nessus
nessus
SUSE SLES15 Security Update : helm-mirror (SUSE-SU-2019:0048-1)
2019-01-10 00:00:00
GLSA-201812-09 : Go: Multiple vulnerabilities
2018-12-24 00:00:00
SUSE SLES15 Security Update : helm-mirror (SUSE-SU-2019:0048-2)
2019-07-05 00:00:00
openvas
openvas
openSUSE: Security Advisory for go1.10 (openSUSE-SU-2018:4255-1)
2018-12-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:0048-2)
2021-06-09 00:00:00
Mageia: Security Advisory (MGASA-2019-0180)
2022-01-28 00:00:00
mageia
mageia
Updated docker packages fix security vulnerability
2019-05-19 14:27:30
Updated golang packages fix security vulnerability
2019-02-13 14:08:25
suse
suse
Security update for helm (moderate)
2019-07-14 00:00:00
Security update for go1.10 (important)
2018-12-23 00:08:46
Security update for docker (moderate)
2019-02-16 00:00:00
gentoo
gentoo
Go: Multiple vulnerabilities
2018-12-21 00:00:00
fedora
fedora
[SECURITY] Fedora 28 Update: golang-1.10.7-1.fc28
2019-01-11 03:00:42
[SECURITY] Fedora 29 Update: golang-1.11.4-1.fc29
2019-01-11 04:35:42
[SECURITY] Fedora 28 Update: golang-1.10.8-1.fc28
2019-02-20 02:37:34
arista
arista
Security Advisory 0039
2019-01-16 00:00:00
archlinux
archlinux
[ASA-201812-11] go: multiple issues
2018-12-18 00:00:00
[ASA-201812-12] go-pie: multiple issues
2018-12-18 00:00:00
ibm
ibm
Security Bulletin: IBM Cloud Private for Data is affected by multiple vulnerabilties in Go Language (CVE-2018-16874, CVE-2018-16873, CVE-2018-16875)
2019-10-03 22:50:40
Security Bulletin: Multiple Vulnerabilities in Go affects IBM Watson Studio Local
2019-12-20 13:58:07
Security Bulletin: IBM Event Streams is affected by Go vulnerabilities
2019-03-29 11:00:02
amazon
amazon
Important: golang
2018-12-14 18:50:00
redhatcve
redhatcve
cve
cve
osv
osv
CVE-2018-16875
2018-12-14 14:29:00
Directory traversal via "go get" command in cmd/go
2022-08-02 15:44:23
CVE-2018-16873
2018-12-14 14:29:00
prion
prion
Directory traversal
2018-12-14 14:29:00
Design/Logic Flaw
2018-12-14 14:29:00
Code injection
2018-12-14 14:29:00
debiancve
debiancve
veracode
veracode
Remote Code Execution (RCE)
2021-03-14 00:10:58
Directory Traversal
2021-03-14 00:10:59
Remote Code Execution (RCE)
2018-12-17 09:16:57
ubuntucve
ubuntucve
debian
debian
[SECURITY] [DLA 2592-1] golang-1.8 security update
2021-03-13 18:37:54
[SECURITY] [DLA 2591-1] golang-1.7 security update
2021-03-13 18:37:17
photon
photon
Home
Download Photon OS
User Documentation
FAQ
Security Advisories
Related Information
Lightwave - PHSA-2019-2.0-0167
2019-06-28 00:00:00
Critical Photon OS Security Update - PHSA-2019-0023
2019-07-04 00:00:00
Critical Photon OS Security Update - PHSA-2019-3.0-0023
2019-07-03 00:00:00
oraclelinux
oraclelinux
kubernetes kubeadm-upgrade kubeadm-ha-setup security update
2019-04-13 00:00:00
kubernetes kubeadm-ha-setup kubeadm-upgrade security update
2020-04-17 00:00:00