Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2020-0329

Опубликовано: 17 фев. 2020
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2020-0329: go-toolset:ol8 security update (MODERATE)

go-toolset [1.12.12-1]

  • Update for golang package fixes

[1.12.12-1]

  • Bump version to 1.12.12

golang [1.12.12-4.0.1]

[1.12.12-4]

  • Fix boring/aes_test.go tags

[1.12.12-3]

  • Fix tarball

[1.12.12-2]

  • Fix stub boring.(Sign/Verify)RSAPKCS1v15 functions

[1.12.12-1]

  • Rebase to 1.12.12
  • Revert to Sign/Verify operations not expected unhashed inputs
  • Remove previously added verbose output
  • Better expose openssl errors

[1.12.8-4]

  • Reduce number of threads when testing on i686

[1.12.8-3]

  • Relax FIPS requirements to unblock OpenShift testing

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module go-toolset:ol8 is enabled

go-toolset

1.12.12-2.module+el8.1.0+5478+8384556e

golang

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-bin

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-docs

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-misc

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-src

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-tests

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

Oracle Linux x86_64

Module go-toolset:ol8 is enabled

go-toolset

1.12.12-2.module+el8.1.0+5478+8384556e

golang

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-bin

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-docs

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-misc

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-race

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-src

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

golang-tests

1.12.12-4.0.1.module+el8.1.0+5478+8384556e

Связанные CVE

CVE-2019-16276
CVE-2019-17596

Ссылки на источники

Связанные уязвимости

suse-cvrf логотип

openSUSE-SU-2019:2522-1

suse-cvrf
больше 5 лет назад

Security update for go1.12

suse-cvrf логотип

openSUSE-SU-2019:2521-1

suse-cvrf
больше 5 лет назад

Security update for go1.12

ubuntu логотип

CVE-2019-17596

CVSS3: 7.5
ubuntu
больше 5 лет назад

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.

redhat логотип

CVE-2019-17596

CVSS3: 7.5
redhat
больше 5 лет назад

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.

nvd логотип

CVE-2019-17596

CVSS3: 7.5
nvd
больше 5 лет назад

Go before 1.12.11 and 1.3.x before 1.13.2 can panic upon an attempt to process network traffic containing an invalid DSA public key. There are several attack scenarios, such as traffic from a client to a server that verifies client certificates.

Уязвимость ELSA-2020-0329