Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
Please login to access the resource
SUSE:SLE-15-SP1:GA
patchinfo.7804
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.7804
<patchinfo incident="7804"> <issue tracker="bnc" id="1081495"></issue> <issue tracker="bnc" id="1085785"></issue> <issue tracker="cve" id="2018-7187"/> <category>security</category> <rating>moderate</rating> <packager>AndreasStieger</packager> <description>This update for go and go1.9 fixes the following issues: The following security issues have been addressed for both packages: - CVE-2018-7187: Fixed the validation of the import path in the go get command, which allowed for arbitrary command execution via VCS path when the -insecure flag is used (bsc#1081495) The following other changes have been made for go1.9: - Fixes to the go command and the crypto/x509 and strings packages, which add minimal support to the go command for the vgo transition. - Several fixes to the compiler and go command - Fixed various issues in go trace (bsc#1085785): - Ensure go binaries are not stripped (eg: go tools trace), this caused some of them to misbehave - Ensure go trace html template is shipped as part of the installation, otherwise the web UI won't work For details on any other changes see the Go milestones on the official issue tracker. </description> <summary>Security update for go, go1.9</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor