Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2021:1746

Опубликовано: 18 мая 2021
Источник: rocky
Оценка: Moderate

Описание

Moderate: go-toolset:rhel8 security, bug fix, and enhancement update

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.

The following packages have been upgraded to a later upstream version: golang (1.15.7), delve (1.5.0). (BZ#1870531)

Security Fix(es):

  • golang: crypto/elliptic: incorrect operations on the P-224 curve (CVE-2021-3114)

  • golang: cmd/go: packages using cgo can cause arbitrary code execution at build time (CVE-2021-3115)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 8

НаименованиеАрхитектураРелизRPM
delvex86_642.module+el8.4.0+396+d2d16ae3delve-1.5.0-2.module+el8.4.0+396+d2d16ae3.x86_64.rpm
golangx86_641.module+el8.4.0+396+d2d16ae3golang-1.15.7-1.module+el8.4.0+396+d2d16ae3.x86_64.rpm
golang-binx86_641.module+el8.4.0+396+d2d16ae3golang-bin-1.15.7-1.module+el8.4.0+396+d2d16ae3.x86_64.rpm
golang-docsnoarch1.module+el8.4.0+396+d2d16ae3golang-docs-1.15.7-1.module+el8.4.0+396+d2d16ae3.noarch.rpm
golang-docsnoarch1.module+el8.4.0+396+d2d16ae3golang-docs-1.15.7-1.module+el8.4.0+396+d2d16ae3.noarch.rpm
golang-miscnoarch1.module+el8.4.0+396+d2d16ae3golang-misc-1.15.7-1.module+el8.4.0+396+d2d16ae3.noarch.rpm
golang-miscnoarch1.module+el8.4.0+396+d2d16ae3golang-misc-1.15.7-1.module+el8.4.0+396+d2d16ae3.noarch.rpm
golang-racex86_641.module+el8.4.0+396+d2d16ae3golang-race-1.15.7-1.module+el8.4.0+396+d2d16ae3.x86_64.rpm
golang-srcnoarch1.module+el8.4.0+396+d2d16ae3golang-src-1.15.7-1.module+el8.4.0+396+d2d16ae3.noarch.rpm
golang-srcnoarch1.module+el8.4.0+396+d2d16ae3golang-src-1.15.7-1.module+el8.4.0+396+d2d16ae3.noarch.rpm

Показывать по

Связанные CVE

CVE-2021-3114
CVE-2021-3115

Ссылки на источники

Исправления

Связанные уязвимости

suse-cvrf логотип

openSUSE-SU-2021:0194-1

suse-cvrf
около 5 лет назад

Security update for go1.14

suse-cvrf логотип

openSUSE-SU-2021:0192-1

suse-cvrf
около 5 лет назад

Security update for go1.15

suse-cvrf логотип

openSUSE-SU-2021:0190-1

suse-cvrf
около 5 лет назад

Security update for go1.14

suse-cvrf логотип

SUSE-SU-2021:0223-1

suse-cvrf
около 5 лет назад

Security update for go1.15

suse-cvrf логотип

SUSE-SU-2021:0222-1

suse-cvrf
около 5 лет назад

Security update for go1.14