Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12:Update
patchinfo.20142
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.20142
<patchinfo incident="20142"> <issue tracker="cve" id="2021-33196"/> <issue tracker="cve" id="2021-33198"/> <issue tracker="cve" id="2021-33197"/> <issue tracker="cve" id="2021-33195"/> <issue tracker="bnc" id="1186622">VUL-0: CVE-2021-33196: go1.14,go1.15,go1.16: Malformed archive may cause panic or memory exhaustion</issue> <issue tracker="bnc" id="1187443">VUL-0: CVE-2021-33195: go1.16,go1.15: go: net: Lookup functions may return invalid host names</issue> <issue tracker="bnc" id="1187445">VUL-0: CVE-2021-33198: go1.16,go1.15: go: math/big.Rat SetString and UnmarshalText panic with very large exponents</issue> <issue tracker="bnc" id="1187444">VUL-0: CVE-2021-33197: go1.16,go1.15: go: net/http/httputil: ReverseProxy forwards Connection headers if first one is empty</issue> <issue tracker="bnc" id="1182345">go1.16 release tracking</issue> <packager>jfkw</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for go1.16</summary> <description>This update for go1.16 fixes the following issues: - go1.16.5 (released 2021-06-03) includes security fixes to the archive/zip, math/big, net, and net/http/httputil packages, as well as bug fixes to the linker, the go command, and the net/http package. CVE-2021-33195 CVE-2021-33196 CVE-2021-33197 CVE-2021-33198 Refs bsc#1182345 go1.16 release tracking * bsc#1187443 go#46241 CVE-2021-33195 * go#46357 net: Lookup functions may return invalid host names * go#46530 net: Unix dnsclient test for CVE-2021-33195 assumes that 1.2.3.4 does not resolve * bsc#1186622 go#46242 CVE-2021-33196 * go#46397 archive/zip: malformed archive may cause panic or memory exhaustion * bsc#1187444 go#46313 CVE-2021-33197 * go#46315 net/http/httputil: ReverseProxy forwards Connection headers if first one is empty * bsc#1187445 go#45910 CVE-2021-33198 * go#46306 math/big: (*Rat).SetString with "1.770p02041010010011001001" crashes with "makeslice: len out of range" * go#46214 cmd/go: make go mod download with no arguments leave go.sum alone * go#46144 cmd/go: error out of 'go mod tidy' if the go.mod file specifies a newer-than-supported Go version * go#46128 cmd/link: internal error when externally linking very large binaries * go#45927 cmd/link: SIGSEGV running 'openshift-install version' for release-4.8 using external linking on PPC64LE * go#45832 cmd/link: unexpected trampoline when cross-compiling to ppc64le </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor
