Oval Definition:oval:com.redhat.rhsa:def:20180878
Revision Date:2018-04-10Version:640
Title:RHSA-2018:0878: golang security, bug fix, and enhancement update (Moderate)
Description:The golang packages provide the Go programming language compiler.

  • The following packages have been upgraded to a later upstream version: golang (1.9.4). (BZ#1479095, BZ#1499827)

    Security Fix(es):

  • golang: arbitrary code execution during "go get" or "go get -d" (CVE-2017-15041)

  • golang: smtp.PlainAuth susceptible to man-in-the-middle password harvesting (CVE-2017-15042)

  • golang: arbitrary code execution during "go get" via C compiler options (CVE-2018-6574)

    For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2017-15041
    CVE-2017-15042
    CVE-2018-6574
    RHSA-2018:0878
    RHSA-2018:0878-00
    RHSA-2018:0878-01
    Platform(s):Red Hat Enterprise Linux 7
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 7 is installed
  • AND
  • golang is earlier than 0:1.9.4-1.el7
  • AND golang is signed with Red Hat redhatrelease2 key
  • golang-bin is earlier than 0:1.9.4-1.el7
  • AND golang-bin is signed with Red Hat redhatrelease2 key
  • golang-docs is earlier than 0:1.9.4-1.el7
  • AND golang-docs is signed with Red Hat redhatrelease2 key
  • golang-misc is earlier than 0:1.9.4-1.el7
  • AND golang-misc is signed with Red Hat redhatrelease2 key
  • golang-src is earlier than 0:1.9.4-1.el7
  • AND golang-src is signed with Red Hat redhatrelease2 key
  • golang-tests is earlier than 0:1.9.4-1.el7
  • AND golang-tests is signed with Red Hat redhatrelease2 key
    • BACK