Oval Definition:
oval:org.opensuse.security:def:119651
Revision Date
:
2022-08-04
Version
:
1
Title
:
Security update for go1.17 (Important)
Description
:
This update for go1.17 fixes the following issues:
Update to go version 1.17.13 (bsc#1190649):
- CVE-2022-32189: encoding/gob, math/big: decoding big.Float and big.Rat can panic (bsc#1202035). - CVE-2022-30635: encoding/gob: stack exhaustion in Decoder.Decode (bsc#1201444). - CVE-2022-30631: compress/gzip: stack exhaustion in Reader.Read (bsc#1201437). - CVE-2022-1962: go/parser: stack exhaustion in all Parse* functions (bsc#1201448). - CVE-2022-28131: encoding/xml: stack exhaustion in Decoder.Skip (bsc#1201443). - CVE-2022-1705: net/http: improper sanitization of Transfer-Encoding header (bsc#1201434) - CVE-2022-30630: io/fs: stack exhaustion in Glob (bsc#1201447). - CVE-2022-32148: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (bsc#1201436) - CVE-2022-30632: path/filepath: stack exhaustion in Glob (bsc#1201445). - CVE-2022-30633: encoding/xml: stack exhaustion in Unmarshal (bsc#1201440).
Family
:
unix
Class
:
patch
Status
:
Reference(s)
:
1190649
1201434
1201436
1201437
1201440
1201443
1201444
1201445
1201447
1201448
1202035
CVE-2022-1705
CVE-2022-1962
CVE-2022-28131
CVE-2022-30630
CVE-2022-30631
CVE-2022-30632
CVE-2022-30633
CVE-2022-30635
CVE-2022-32148
CVE-2022-32189
SUSE-SU-2022:2671-1
Platform(s)
:
SUSE Linux Enterprise Server for SAP Applications 15 SP2
Product(s)
:
Definition Synopsis
SUSE Linux Enterprise Server for SAP Applications 15 SP2 is installed
AND
Package Information
go1.17-1.17.13-150000.1.42.1 is installed
OR
go1.17-doc-1.17.13-150000.1.42.1 is installed
OR
go1.17-race-1.17.13-150000.1.42.1 is installed
BACK