products/SUSE_ALP_Standard
9
0
Fork 1
Code Issues 1 Pull Requests Packages Projects Releases Wiki Activity
0b7e773729
SUSE_ALP_Standard/patchinfo.20241104100820674902.269002615871826/_patchinfo

57 lines
3.7 KiB
Plaintext
Raw Blame History

<patchinfo incident="85">
<!-- generated from request(s) 349645, 349761, 349766 -->
<issue tracker="bnc" id="1212475">go1.21 release tracking</issue>
<issue tracker="bnc" id="1218424">go1.22 release tracking</issue>
<issue tracker="bnc" id="1229122">go1.23 release tracking</issue>
<issue tracker="bnc" id="1219988">go1.20,go1.21,go1.22: ensure VERSION file is present in go1.x toolchain GOROOT</issue>
<issue tracker="bnc" id="1220999">VUL-0: CVE-2024-24783 go1.21,go1.22: crypto/x509: Verify panics on certificates with an unknown public key algorithm</issue>
<issue tracker="bnc" id="1221000">VUL-0: CVE-2023-45289 go1.21,go1.22: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect</issue>
<issue tracker="bnc" id="1221001">VUL-0: CVE-2023-45290 go1.21,go1.22: net/http: memory exhaustion in Request.ParseMultipartForm</issue>
<issue tracker="bnc" id="1221002">VUL-0: CVE-2024-24784 go1.21,go1.22: net/mail: comments in display names are incorrectly handled</issue>
<issue tracker="bnc" id="1221003">VUL-0: CVE-2024-24785 go1.21,go1.22: html/template: errors returned from MarshalJSON methods may break template escaping</issue>
<issue tracker="bnc" id="1221400">VUL-0: CVE-2023-45288: go1.21,go1.22: net/http, x/net/http2: close connections when receiving too many headers</issue>
<issue tracker="bnc" id="1224017">VUL-0: CVE-2024-24787: go1.21,go1.22: cmd/go: arbitrary code execution during build on darwin</issue>
<issue tracker="bnc" id="1224018">VUL-0: CVE-2024-24788: go1.22: net: malformed DNS message can cause infinite loop</issue>
<issue tracker="bnc" id="1225973">VUL-0: CVE-2024-24789: go1.21,go1.22: archive/zip: mishandling of corrupt central directory record</issue>
<issue tracker="bnc" id="1225974">VUL-0: CVE-2024-24790: go1.21,go1.22: net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses</issue>
<issue tracker="bnc" id="1227314">VUL-0: CVE-2024-24791 go1.21,go1.22: net/http: denial of service due to improper 100-continue handling</issue>
<issue tracker="bnc" id="1230252">VUL-0: CVE-2024-34155: go1.22,go1.23: go/parser: stack exhaustion in all Parse* functions</issue>
<issue tracker="bnc" id="1230253">VUL-0: CVE-2024-34156: go1.22,go1.23: encoding/gob: stack exhaustion in Decoder.Decode</issue>
<issue tracker="bnc" id="1230254">VUL-0: CVE-2024-34158: go1.22,go1.23: go/build/constraint: stack exhaustion in Parse</issue>
<issue tracker="cve" id="2023-45288"/>
<issue tracker="cve" id="2023-45289"/>
<issue tracker="cve" id="2023-45290"/>
<issue tracker="cve" id="2024-24783"/>
<issue tracker="cve" id="2024-24784"/>
<issue tracker="cve" id="2024-24785"/>
<issue tracker="cve" id="2024-24787"/>
<issue tracker="cve" id="2024-24788"/>
<issue tracker="cve" id="2024-24789"/>
<issue tracker="cve" id="2024-24790"/>
<issue tracker="cve" id="2024-24791"/>
<issue tracker="cve" id="2024-34155"/>
<issue tracker="cve" id="2024-34156"/>
<issue tracker="cve" id="2024-34158"/>
<issue tracker="jsc" id="PED-1962"/>
<issue tracker="jsc" id="SLE-18320"/>
<packager>jfkw</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for go1.23-openssl, go1.21-openssl, go1.22-openssl</summary>
<description>This update for go1.23-openssl, go1.21-openssl, go1.22-openssl fixes the following issues:
go1.21-openssl:
- Update to version 1.21.13.4 cut from the go1.21-fips-release
go1.22-openssl:
- Update to version 1.22.7.1 cut from the go1.22-fips-release
go1.23-openssl:
- Update to version 1.23.2.2 cut from the go1.23-fips-release
</description>
<package>go1.21-openssl</package>
<package>go1.22-openssl</package>
<package>go1.23-openssl</package>
<seperate_build_arch/>
</patchinfo>
Reference in New Issue View Git Blame Copy Permalink