Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-15-SP1:Update
patchinfo.31425
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.31425
<patchinfo incident="31425"> <issue tracker="bnc" id="1215985">VUL-0: CVE-2023-39323: go1.20,go1.21: cmd/go: line directives allows arbitrary execution during build</issue> <issue tracker="bnc" id="1216944">VUL-0: CVE-2023-45284: go1.20,go1.21: path/filepath: recognize device names with trailing spaces and superscripts</issue> <issue tracker="bnc" id="1216943">VUL-0: CVE-2023-45283: go1.20,go1.21: path/filepath: recognize \??\ as a Root Local Device path prefix</issue> <issue tracker="bnc" id="1216109">VUL-0: CVE-2023-39325: go1.20,go1.21: net/http: rapid stream resets can cause excessive work</issue> <issue tracker="bnc" id="1206346">go1.20 release tracking</issue> <issue tracker="cve" id="2023-45283"/> <issue tracker="cve" id="2023-44487"/> <issue tracker="cve" id="2023-39325"/> <issue tracker="cve" id="2023-45284"/> <issue tracker="cve" id="2023-39323"/> <packager>jfkw</packager> <rating>important</rating> <category>security</category> <summary>Security update for go1.20-openssl</summary> <description>This update for go1.20-openssl fixes the following issues: Update to version 1.20.11.1 cut from the go1.20-openssl-fips branch at the revision tagged go1.20.11-1-openssl-fips. * Update to go1.20.11 go1.20.11 (released 2023-11-07) includes security fixes to the path/filepath package, as well as bug fixes to the linker and the net/http package. * security: fix CVE-2023-45283 CVE-2023-45284 path/filepath: insecure parsing of Windows paths (bsc#1216943, bsc#1216944) * cmd/link: split text sections for arm 32-bit * net/http: http2 page fails on firefox/safari if pushing resources Update to version 1.20.10.1 cut from the go1.20-openssl-fips branch at the revision tagged go1.20.10-1-openssl-fips. * Update to go1.20.10 go1.20.10 (released 2023-10-10) includes a security fix to the net/http package. * security: fix CVE-2023-39325 CVE-2023-44487 net/http: rapid stream resets can cause excessive work (bsc#1216109) go1.20.9 (released 2023-10-05) includes one security fixes to the cmd/go package, as well as bug fixes to the go command and the linker. * security: fix CVE-2023-39323 cmd/go: line directives allows arbitrary execution during build (bsc#1215985) * cmd/link: issues with Apple's new linker in Xcode 15 beta </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor