Oval Definition:oval:org.opensuse.security:def:52197
Revision Date:2020-12-01Version:1
Title:Security update for go1.14 (Important)
Description:

This update for go1.14 fixes the following issues:

- go1.14 was updated to version 1.14.7 - CVE-2020-16845: dUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (bsc#1174977).

- go1.14.6 (released 2020-07-16) includes fixes to the go command, the compiler, the linker, vet, and the database/sql, encoding/json, net/http, reflect, and testing packages. Refs bsc#1164903 go1.14 release tracking Refs bsc#1174153 bsc#1174191 * go#39991 runtime: missing deferreturn on linux/ppc64le * go#39920 net/http: panic on misformed If-None-Match Header with http.ServeContent * go#39849 cmd/compile: internal compile error when using sync.Pool: mismatched zero/store sizes * go#39824 cmd/go: TestBuildIDContainsArchModeEnv/386 fails on linux/386 in Go 1.14 and 1.13, not 1.15 * go#39698 reflect: panic from malloc after MakeFunc function returns value that is also stored globally * go#39636 reflect: DeepEqual can return true for values that are not equal * go#39585 encoding/json: incorrect object key unmarshaling when using custom TextUnmarshaler as Key with string va lues * go#39562 cmd/compile/internal/ssa: TestNexting/dlv-dbg-hist failing on linux-386-longtest builder because it trie s to use an older version of dlv which only supports linux/amd64 * go#39308 testing: streaming output loses parallel subtest associations * go#39288 cmd/vet: update for new number formats * go#39101 database/sql: context cancellation allows statements to execute after rollback * go#38030 doc: BuildNameToCertificate deprecated in go 1.14 not mentioned in the release notes * go#40212 net/http: Expect 100-continue panics in httputil.ReverseProxy bsc#1174153 CVE-2020-15586 * go#40210 crypto/x509: Certificate.Verify method seemingly ignoring EKU requirements on Windows bsc#1174191 CVE-2020-14039 (Windows only) - Add patch to ensure /etc/hosts is used if /etc/nsswitch.conf is not present bsc#1172868 gh#golang/go#35305
Family:unixClass:patch
Status:Reference(s):1051510
1071995
1082318
1088047
1098633
1103990
1103991
1103992
1106383
1109837
1111666
1112374
1114685
1119113
1119532
1120423
1125703
1128902
1130836
1131645
1132390
1133297
1133401
1133738
1134303
1134395
1135556
1135642
1135897
1136161
1136264
1136343
1136935
1137625
1137728
1138879
1139712
1139751
1139771
1139865
1140133
1140228
1140328
1140405
1140424
1140428
1140454
1140463
1140575
1140577
1140637
1140658
1140715
1140719
1140726
1140727
1140728
1140814
1140887
1140888
1140889
1140891
1140893
1140948
1140954
1140955
1140956
1140957
1140958
1140959
1140960
1140961
1140962
1140964
1140971
1140972
1140992
1159329
1161719
1163809
1164903
1168994
1169832
1170826
1172515
1172868
1173812
1174153
1174191
1174463
1174570
1174977
1176315
1178593
CVE-2006-2607
CVE-2007-6746
CVE-2010-0405
CVE-2010-0424
CVE-2011-2513
CVE-2011-2514
CVE-2011-3377
CVE-2012-3422
CVE-2012-3423
CVE-2012-4540
CVE-2013-1926
CVE-2013-1927
CVE-2013-4349
CVE-2014-9645
CVE-2014-9654
CVE-2015-5234
CVE-2015-5235
CVE-2015-7236
CVE-2016-1601
CVE-2017-18926
CVE-2017-5209
CVE-2017-5545
CVE-2017-5834
CVE-2017-5835
CVE-2017-5836
CVE-2017-6440
CVE-2017-7982
CVE-2018-20836
CVE-2019-10126
CVE-2019-10638
CVE-2019-10639
CVE-2019-11599
CVE-2019-13233
CVE-2019-8835
CVE-2019-8844
CVE-2019-8846
CVE-2020-10713
CVE-2020-14039
CVE-2020-14308
CVE-2020-14309
CVE-2020-14310
CVE-2020-14311
CVE-2020-15586
CVE-2020-15706
CVE-2020-15707
CVE-2020-16845
CVE-2020-17507
CVE-2020-3862
CVE-2020-3864
CVE-2020-3865
CVE-2020-3867
CVE-2020-3868
SUSE-SU-2019:1854-1
SUSE-SU-2020:0468-1
SUSE-SU-2020:1396-2
SUSE-SU-2020:2073-1
SUSE-SU-2020:2748-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15 SP1
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND autofs-5.1.3-lp150.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • dhcp-4.2.4.P2-0.11.13 is installed
  • OR dhcp-client-4.2.4.P2-0.11.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libtidy-1.0-37 is installed
  • OR tidy-1.0-37 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • cron-4.2-55 is installed
  • OR cronie-1.4.11-55 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • java-1_7_0-openjdk-plugin-1.6.1-2.3 is installed
  • OR java-1_8_0-openjdk-plugin-1.6.1-2.4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • icu-52.1-7 is installed
  • OR libicu52_1-52.1-7 is installed
  • OR libicu52_1-32bit-52.1-7 is installed
  • OR libicu52_1-data-52.1-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • libplist++3-1.12-19 is installed
  • OR libplist3-1.12-19 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND busybox-1.21.1-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • go1.14-1.14.7-1.15 is installed
  • OR go1.14-doc-1.14.7-1.15 is installed
  • OR go1.14-race-1.14.7-1.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.91-21 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.91-21 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.91-21 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.91-21 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_67-60_64_21-default-10-4 is installed
  • OR kgraft-patch-3_12_67-60_64_21-xen-10-4 is installed
  • OR kgraft-patch-SLE12-SP1_Update_10-10-4 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr3.0-10 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr3.0-10 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr3.0-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • gstreamer-plugins-base-1.8.3-13.3 is installed
  • OR gstreamer-plugins-base-lang-1.8.3-13.3 is installed
  • OR libgstallocators-1_0-0-1.8.3-13.3 is installed
  • OR libgstapp-1_0-0-1.8.3-13.3 is installed
  • OR libgstapp-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstaudio-1_0-0-1.8.3-13.3 is installed
  • OR libgstaudio-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstfft-1_0-0-1.8.3-13.3 is installed
  • OR libgstpbutils-1_0-0-1.8.3-13.3 is installed
  • OR libgstpbutils-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstriff-1_0-0-1.8.3-13.3 is installed
  • OR libgstrtp-1_0-0-1.8.3-13.3 is installed
  • OR libgstrtsp-1_0-0-1.8.3-13.3 is installed
  • OR libgstsdp-1_0-0-1.8.3-13.3 is installed
  • OR libgsttag-1_0-0-1.8.3-13.3 is installed
  • OR libgsttag-1_0-0-32bit-1.8.3-13.3 is installed
  • OR libgstvideo-1_0-0-1.8.3-13.3 is installed
  • OR libgstvideo-1_0-0-32bit-1.8.3-13.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • gvim-7.4.326-17.3 is installed
  • OR vim-7.4.326-17.3 is installed
  • OR vim-data-7.4.326-17.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_114-92_67-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_19-5-2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gpg2-2.0.24-8 is installed
  • OR gpg2-lang-2.0.24-8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • glibc-2.22-62.22 is installed
  • OR glibc-32bit-2.22-62.22 is installed
  • OR glibc-devel-2.22-62.22 is installed
  • OR glibc-devel-32bit-2.22-62.22 is installed
  • OR glibc-html-2.22-62.22 is installed
  • OR glibc-i18ndata-2.22-62.22 is installed
  • OR glibc-info-2.22-62.22 is installed
  • OR glibc-locale-2.22-62.22 is installed
  • OR glibc-locale-32bit-2.22-62.22 is installed
  • OR glibc-profile-2.22-62.22 is installed
  • OR glibc-profile-32bit-2.22-62.22 is installed
  • OR nscd-2.22-62.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kernel-default-4.4.180-94.103 is installed
  • OR kernel-default-base-4.4.180-94.103 is installed
  • OR kernel-default-devel-4.4.180-94.103 is installed
  • OR kernel-devel-4.4.180-94.103 is installed
  • OR kernel-macros-4.4.180-94.103 is installed
  • OR kernel-source-4.4.180-94.103 is installed
  • OR kernel-syms-4.4.180-94.103 is installed
  • OR kgraft-patch-4_4_180-94_103-default-1-4.3 is installed
  • OR kgraft-patch-SLE12-SP3_Update_28-1-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_155-94_50-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_17-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • openssh-7.2p2-74.23 is installed
  • OR openssh-askpass-gnome-7.2p2-74.23 is installed
  • OR openssh-fips-7.2p2-74.23 is installed
  • OR openssh-helpers-7.2p2-74.23 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • expat-2.1.0-21.3 is installed
  • OR libexpat1-2.1.0-21.3 is installed
  • OR libexpat1-32bit-2.1.0-21.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • libQt5Concurrent-devel-5.9.4-8.24 is installed
  • OR libQt5Concurrent5-5.9.4-8.24 is installed
  • OR libQt5Core-devel-5.9.4-8.24 is installed
  • OR libQt5Core-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5Core5-5.9.4-8.24 is installed
  • OR libQt5DBus-devel-5.9.4-8.24 is installed
  • OR libQt5DBus-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5DBus5-5.9.4-8.24 is installed
  • OR libQt5Gui-devel-5.9.4-8.24 is installed
  • OR libQt5Gui-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5Gui5-5.9.4-8.24 is installed
  • OR libQt5KmsSupport-devel-static-5.9.4-8.24 is installed
  • OR libQt5KmsSupport-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5Network-devel-5.9.4-8.24 is installed
  • OR libQt5Network-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5Network5-5.9.4-8.24 is installed
  • OR libQt5OpenGL-devel-5.9.4-8.24 is installed
  • OR libQt5OpenGL-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5OpenGL5-5.9.4-8.24 is installed
  • OR libQt5PlatformHeaders-devel-5.9.4-8.24 is installed
  • OR libQt5PlatformSupport-devel-static-5.9.4-8.24 is installed
  • OR libQt5PlatformSupport-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5PrintSupport-devel-5.9.4-8.24 is installed
  • OR libQt5PrintSupport-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5PrintSupport5-5.9.4-8.24 is installed
  • OR libQt5Sql-devel-5.9.4-8.24 is installed
  • OR libQt5Sql-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5Sql5-5.9.4-8.24 is installed
  • OR libQt5Sql5-sqlite-5.9.4-8.24 is installed
  • OR libQt5Test-devel-5.9.4-8.24 is installed
  • OR libQt5Test-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5Test5-5.9.4-8.24 is installed
  • OR libQt5Widgets-devel-5.9.4-8.24 is installed
  • OR libQt5Widgets-private-headers-devel-5.9.4-8.24 is installed
  • OR libQt5Widgets5-5.9.4-8.24 is installed
  • OR libQt5Xml-devel-5.9.4-8.24 is installed
  • OR libQt5Xml5-5.9.4-8.24 is installed
  • OR libqt5-qtbase-5.9.4-8.24 is installed
  • OR libqt5-qtbase-common-devel-5.9.4-8.24 is installed
  • OR libqt5-qtbase-devel-5.9.4-8.24 is installed
  • OR libqt5-qtbase-private-headers-devel-5.9.4-8.24 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • libzstd1-1.4.4-1.3 is installed
  • OR libzstd1-32bit-1.4.4-1.3 is installed
  • OR zstd-1.4.4-1.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.10 is installed
  • OR kernel-default-extra-4.12.14-197.10 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • bind-9.9.9P1-63.7 is installed
  • OR bind-chrootenv-9.9.9P1-63.7 is installed
  • OR bind-devel-9.9.9P1-63.7 is installed
  • OR bind-doc-9.9.9P1-63.7 is installed
  • OR bind-libs-9.9.9P1-63.7 is installed
  • OR bind-libs-32bit-9.9.9P1-63.7 is installed
  • OR bind-utils-9.9.9P1-63.7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • git-2.12.3-27.14 is installed
  • OR git-core-2.12.3-27.14 is installed
  • OR git-doc-2.12.3-27.14 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • ardana-monasca-8.0+git.1535031421.9262a47-3.12 is installed
  • OR ardana-spark-8.0+git.1534267176.a5f3a22-3.6 is installed
  • OR kafka-0.10.2.2-5.6 is installed
  • OR openstack-monasca-api-2.2.1~dev24-3.6 is installed
  • OR python-monasca-api-2.2.1~dev24-3.6 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-haml-4.0.6-3.3 is installed
  • OR rubygem-haml-4.0.6-3.3 is installed
    • BACK