Описание
Security update for go1.18
This update for go1.18 fixes the following issues:
-
CVE-2022-29526: Fixed faccessat() system call operation that checked the wrong group (bsc#1199413).
-
go1.18.2 (released 2022-05-10) (bsc#1193742).
Список пакетов
Container bci/golang:1.18
go1.18-1.18.2-150000.1.17.1
Container bci/golang:latest
go1.18-1.18.2-150000.1.17.1
SUSE Linux Enterprise Module for Development Tools 15 SP3
go1.18-1.18.2-150000.1.17.1
go1.18-doc-1.18.2-150000.1.17.1
go1.18-race-1.18.2-150000.1.17.1
SUSE Linux Enterprise Module for Development Tools 15 SP4
go1.18-1.18.2-150000.1.17.1
go1.18-doc-1.18.2-150000.1.17.1
go1.18-race-1.18.2-150000.1.17.1
openSUSE Leap 15.3
go1.18-1.18.2-150000.1.17.1
go1.18-doc-1.18.2-150000.1.17.1
go1.18-race-1.18.2-150000.1.17.1
openSUSE Leap 15.4
go1.18-1.18.2-150000.1.17.1
go1.18-doc-1.18.2-150000.1.17.1
go1.18-race-1.18.2-150000.1.17.1
Ссылки
- Link for SUSE-SU-2022:1829-1
- E-Mail link for SUSE-SU-2022:1829-1
- SUSE Security Ratings
- SUSE Bug 1193742
- SUSE Bug 1199413
- SUSE CVE CVE-2022-29526 page
Описание
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
Затронутые продукты
Container bci/golang:1.18:go1.18-1.18.2-150000.1.17.1
Container bci/golang:latest:go1.18-1.18.2-150000.1.17.1
SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-1.18.2-150000.1.17.1
SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.18-doc-1.18.2-150000.1.17.1
Ссылки
- CVE-2022-29526
- SUSE Bug 1199413