Описание
Security update for go1.17
This update for go1.17 fixes the following issues:
-
CVE-2022-29526: Fixed faccessat() system call operation that checked the wrong group (bsc#1199413).
-
go1.17.10 (released 2022-05-10) (bsc#1190649).
Список пакетов
Container bci/golang:1.17
go1.17-1.17.10-150000.1.34.1
SUSE Linux Enterprise Module for Development Tools 15 SP3
go1.17-1.17.10-150000.1.34.1
go1.17-doc-1.17.10-150000.1.34.1
go1.17-race-1.17.10-150000.1.34.1
SUSE Linux Enterprise Module for Development Tools 15 SP4
go1.17-1.17.10-150000.1.34.1
go1.17-doc-1.17.10-150000.1.34.1
go1.17-race-1.17.10-150000.1.34.1
openSUSE Leap 15.3
go1.17-1.17.10-150000.1.34.1
go1.17-doc-1.17.10-150000.1.34.1
go1.17-race-1.17.10-150000.1.34.1
openSUSE Leap 15.4
go1.17-1.17.10-150000.1.34.1
go1.17-doc-1.17.10-150000.1.34.1
go1.17-race-1.17.10-150000.1.34.1
Ссылки
- Link for SUSE-SU-2022:1862-1
- E-Mail link for SUSE-SU-2022:1862-1
- SUSE Security Ratings
- SUSE Bug 1190649
- SUSE Bug 1199413
- SUSE CVE CVE-2022-29526 page
Описание
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
Затронутые продукты
Container bci/golang:1.17:go1.17-1.17.10-150000.1.34.1
SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-1.17.10-150000.1.34.1
SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-doc-1.17.10-150000.1.34.1
SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.17-race-1.17.10-150000.1.34.1
Ссылки
- CVE-2022-29526
- SUSE Bug 1199413