Oval Definition:oval:org.opensuse.security:def:65430
Revision Date:2020-12-01Version:1
Title:Security update for go1.12 (Moderate)
Description:

This update for go1.12 fixes the following issues:

Security issues fixed:

- CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111). - CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115). - CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123).

Bugfixes:

- Update to go version 1.12.9 (bsc#1141689). - Adding Web Assembly stuff from misc/wasm (bsc#1139210).
Family:unixClass:patch
Status:Reference(s):1138529
1139210
1141689
1146111
1146115
1146123
1152856
1154212
CVE-2019-14809
CVE-2019-2894
CVE-2019-2933
CVE-2019-2945
CVE-2019-2949
CVE-2019-2958
CVE-2019-2962
CVE-2019-2964
CVE-2019-2973
CVE-2019-2975
CVE-2019-2978
CVE-2019-2981
CVE-2019-2983
CVE-2019-2987
CVE-2019-2988
CVE-2019-2989
CVE-2019-2992
CVE-2019-2999
CVE-2019-9512
CVE-2019-9514
SUSE-SU-2019:2214-1
SUSE-SU-2019:3238-1
Platform(s):SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • go1.12-1.12.9-1.15 is installed
  • OR go1.12-doc-1.12.9-1.15 is installed
  • OR go1.12-race-1.12.9-1.15 is installed
    • BACK