Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-39323 (GCVE-0-2023-39323)
Vulnerability from cvelistv5 – Published: 2023-10-05 20:36 – Updated: 2025-06-12 15:15
VLAI
EPSS
Title
Arbitrary code execution during build via line directives in cmd/go
Summary
Line directives ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.
Severity
8.1 (High)
CWE
- CWE 94: Improper Control of Generation of Code ('Code Injection')
Assigner
References
9 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Go toolchain | cmd/go |
Affected:
0 , < 1.20.9
(semver)
Affected: 1.21.0-0 , < 1.21.2 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T18:02:06.899Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/issue/63211"
},
{
"tags": [
"x_transferred"
],
"url": "https://go.dev/cl/533215"
},
{
"tags": [
"x_transferred"
],
"url": "https://groups.google.com/g/golang-announce/c/XBa1oHDevAo"
},
{
"tags": [
"x_transferred"
],
"url": "https://pkg.go.dev/vuln/GO-2023-2095"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20231020-0001/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/202311-09"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-39323",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-06-12T15:14:25.966284Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-12T15:15:12.065Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "cmd/go",
"product": "cmd/go",
"vendor": "Go toolchain",
"versions": [
{
"lessThan": "1.20.9",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.21.2",
"status": "affected",
"version": "1.21.0-0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE 94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-25T11:09:58.922Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/issue/63211"
},
{
"url": "https://go.dev/cl/533215"
},
{
"url": "https://groups.google.com/g/golang-announce/c/XBa1oHDevAo"
},
{
"url": "https://pkg.go.dev/vuln/GO-2023-2095"
},
{
"url": "https://security.netapp.com/advisory/ntap-20231020-0001/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/"
},
{
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/"
},
{
"url": "https://security.gentoo.org/glsa/202311-09"
}
],
"title": "Arbitrary code execution during build via line directives in cmd/go"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2023-39323",
"datePublished": "2023-10-05T20:36:58.756Z",
"dateReserved": "2023-07-27T17:05:55.188Z",
"dateUpdated": "2025-06-12T15:15:12.065Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2023-39323",
"date": "2026-05-30",
"epss": "0.0006",
"percentile": "0.18959"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2023-39323\",\"sourceIdentifier\":\"security@golang.org\",\"published\":\"2023-10-05T21:15:11.283\",\"lastModified\":\"2025-06-12T16:15:20.520\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Line directives (\\\"//line\\\") can be used to bypass the restrictions on \\\"//go:cgo_\\\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \\\"go build\\\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.\"},{\"lang\":\"es\",\"value\":\"Las directivas de l\u00ednea (\\\"//line\\\") se pueden utilizar para evitar las restricciones de las directivas \\\"//go:cgo_\\\", permitiendo que se pasen indicadores bloqueados del enlazador y del compilador durante la compilaci\u00f3n. Esto puede provocar la ejecuci\u00f3n inesperada de c\u00f3digo arbitrario al ejecutar \\\"go build\\\". La directiva de l\u00ednea requiere la ruta absoluta del archivo en el que se encuentra la directiva, lo que hace que explotar este problema sea significativamente m\u00e1s complejo.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.1,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.20.9\",\"matchCriteriaId\":\"84851C3D-3035-457E-96D9-48E219817D58\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:golang:go:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.21.0\",\"versionEndExcluding\":\"1.21.2\",\"matchCriteriaId\":\"7381A279-81EB-48D9-8065-C733FA8736B8\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:37:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E30D0E6F-4AE8-4284-8716-991DFA48CC5D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"}]}]}],\"references\":[{\"url\":\"https://go.dev/cl/533215\",\"source\":\"security@golang.org\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/63211\",\"source\":\"security@golang.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/XBa1oHDevAo\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"security@golang.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-2095\",\"source\":\"security@golang.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"security@golang.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231020-0001/\",\"source\":\"security@golang.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://go.dev/cl/533215\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"https://go.dev/issue/63211\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://groups.google.com/g/golang-announce/c/XBa1oHDevAo\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Release Notes\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://pkg.go.dev/vuln/GO-2023-2095\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202311-09\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20231020-0001/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://go.dev/issue/63211\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://go.dev/cl/533215\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://groups.google.com/g/golang-announce/c/XBa1oHDevAo\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://pkg.go.dev/vuln/GO-2023-2095\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231020-0001/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T18:02:06.899Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.1, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-39323\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-06-12T15:14:25.966284Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-06-12T15:15:03.844Z\"}}], \"cna\": {\"title\": \"Arbitrary code execution during build via line directives in cmd/go\", \"affected\": [{\"vendor\": \"Go toolchain\", \"product\": \"cmd/go\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.20.9\", \"versionType\": \"semver\"}, {\"status\": \"affected\", \"version\": \"1.21.0-0\", \"lessThan\": \"1.21.2\", \"versionType\": \"semver\"}], \"packageName\": \"cmd/go\", \"collectionURL\": \"https://pkg.go.dev\", \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://go.dev/issue/63211\"}, {\"url\": \"https://go.dev/cl/533215\"}, {\"url\": \"https://groups.google.com/g/golang-announce/c/XBa1oHDevAo\"}, {\"url\": \"https://pkg.go.dev/vuln/GO-2023-2095\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20231020-0001/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/KSEGD2IWKNUO3DWY4KQGUQM5BISRWHQE/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CLB4TW7KALB3EEQWNWCN7OUIWWVWWCG2/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XFOIBB4YFICHDM7IBOP7PWXW3FX4HLL2/\"}, {\"url\": \"https://security.gentoo.org/glsa/202311-09\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Line directives (\\\"//line\\\") can be used to bypass the restrictions on \\\"//go:cgo_\\\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \\\"go build\\\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE 94: Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"shortName\": \"Go\", \"dateUpdated\": \"2023-11-25T11:09:58.922Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-39323\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-06-12T15:15:12.065Z\", \"dateReserved\": \"2023-07-27T17:05:55.188Z\", \"assignerOrgId\": \"1bb62c36-49e3-4200-9d77-64a1400537cc\", \"datePublished\": \"2023-10-05T20:36:58.756Z\", \"assignerShortName\": \"Go\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
OPENSUSE-SU-2024:13307-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
go1.21-1.21.2-1.1 on GA media
Severity
Moderate
Notes
Title of the patch: go1.21-1.21.2-1.1 on GA media
Description of the patch: These are all security issues fixed in the go1.21-1.21.2-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames: openSUSE-Tumbleweed-2024-13307
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
16 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: openSUSE Tumbleweed:go1.21-1.21.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-1.21.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-1.21.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-1.21.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
5 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "go1.21-1.21.2-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the go1.21-1.21.2-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13307",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13307-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39323 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39323/"
}
],
"title": "go1.21-1.21.2-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13307-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.21-1.21.2-1.1.aarch64",
"product": {
"name": "go1.21-1.21.2-1.1.aarch64",
"product_id": "go1.21-1.21.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.21-doc-1.21.2-1.1.aarch64",
"product": {
"name": "go1.21-doc-1.21.2-1.1.aarch64",
"product_id": "go1.21-doc-1.21.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.21-libstd-1.21.2-1.1.aarch64",
"product": {
"name": "go1.21-libstd-1.21.2-1.1.aarch64",
"product_id": "go1.21-libstd-1.21.2-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.21-race-1.21.2-1.1.aarch64",
"product": {
"name": "go1.21-race-1.21.2-1.1.aarch64",
"product_id": "go1.21-race-1.21.2-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-1.21.2-1.1.ppc64le",
"product": {
"name": "go1.21-1.21.2-1.1.ppc64le",
"product_id": "go1.21-1.21.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.21-doc-1.21.2-1.1.ppc64le",
"product": {
"name": "go1.21-doc-1.21.2-1.1.ppc64le",
"product_id": "go1.21-doc-1.21.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.21-libstd-1.21.2-1.1.ppc64le",
"product": {
"name": "go1.21-libstd-1.21.2-1.1.ppc64le",
"product_id": "go1.21-libstd-1.21.2-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.21-race-1.21.2-1.1.ppc64le",
"product": {
"name": "go1.21-race-1.21.2-1.1.ppc64le",
"product_id": "go1.21-race-1.21.2-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-1.21.2-1.1.s390x",
"product": {
"name": "go1.21-1.21.2-1.1.s390x",
"product_id": "go1.21-1.21.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.21-doc-1.21.2-1.1.s390x",
"product": {
"name": "go1.21-doc-1.21.2-1.1.s390x",
"product_id": "go1.21-doc-1.21.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.21-libstd-1.21.2-1.1.s390x",
"product": {
"name": "go1.21-libstd-1.21.2-1.1.s390x",
"product_id": "go1.21-libstd-1.21.2-1.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.21-race-1.21.2-1.1.s390x",
"product": {
"name": "go1.21-race-1.21.2-1.1.s390x",
"product_id": "go1.21-race-1.21.2-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-1.21.2-1.1.x86_64",
"product": {
"name": "go1.21-1.21.2-1.1.x86_64",
"product_id": "go1.21-1.21.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.21-doc-1.21.2-1.1.x86_64",
"product": {
"name": "go1.21-doc-1.21.2-1.1.x86_64",
"product_id": "go1.21-doc-1.21.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.21-libstd-1.21.2-1.1.x86_64",
"product": {
"name": "go1.21-libstd-1.21.2-1.1.x86_64",
"product_id": "go1.21-libstd-1.21.2-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.21-race-1.21.2-1.1.x86_64",
"product": {
"name": "go1.21-race-1.21.2-1.1.x86_64",
"product_id": "go1.21-race-1.21.2-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-1.21.2-1.1.aarch64"
},
"product_reference": "go1.21-1.21.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-1.21.2-1.1.ppc64le"
},
"product_reference": "go1.21-1.21.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-1.21.2-1.1.s390x"
},
"product_reference": "go1.21-1.21.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-1.21.2-1.1.x86_64"
},
"product_reference": "go1.21-1.21.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.aarch64"
},
"product_reference": "go1.21-doc-1.21.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.ppc64le"
},
"product_reference": "go1.21-doc-1.21.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.s390x"
},
"product_reference": "go1.21-doc-1.21.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.x86_64"
},
"product_reference": "go1.21-doc-1.21.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-libstd-1.21.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.aarch64"
},
"product_reference": "go1.21-libstd-1.21.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-libstd-1.21.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.ppc64le"
},
"product_reference": "go1.21-libstd-1.21.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-libstd-1.21.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.s390x"
},
"product_reference": "go1.21-libstd-1.21.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-libstd-1.21.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.x86_64"
},
"product_reference": "go1.21-libstd-1.21.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.aarch64"
},
"product_reference": "go1.21-race-1.21.2-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.ppc64le"
},
"product_reference": "go1.21-race-1.21.2-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.s390x"
},
"product_reference": "go1.21-race-1.21.2-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.x86_64"
},
"product_reference": "go1.21-race-1.21.2-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39323"
}
],
"notes": [
{
"category": "general",
"text": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.x86_64",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.x86_64",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.x86_64",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39323",
"url": "https://www.suse.com/security/cve/CVE-2023-39323"
},
{
"category": "external",
"summary": "SUSE Bug 1215985 for CVE-2023-39323",
"url": "https://bugzilla.suse.com/1215985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.x86_64",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.x86_64",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.x86_64",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-1.21.2-1.1.x86_64",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-doc-1.21.2-1.1.x86_64",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-libstd-1.21.2-1.1.x86_64",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.aarch64",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.ppc64le",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.s390x",
"openSUSE Tumbleweed:go1.21-race-1.21.2-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2023-39323"
}
]
}
RHBA-2023:6928
Vulnerability from csaf_redhat - Published: 2023-11-14 16:04 - Updated: 2026-05-19 21:18Summary
Red Hat Bug Fix Advisory: go-toolset:rhel8 bug fix and enhancement update
Severity
Moderate
Notes
Topic: An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.
Details: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in Golang. The html/template package did not properly handle HMTL-like "<!--" and "-->" comment tokens, nor hashbang "#!" comment tokens, in <script> contexts. This issue may cause the template parser to improperly interpret the contents of <script> contexts, causing actions to be improperly escaped.
6.1 (Medium)
Affected products
Fixed
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of "<script", "<!--", and "</script" within JS literals in <script> contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.
6.1 (Medium)
Affected products
Fixed
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.
7.5 (High)
Affected products
Fixed
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.
7.5 (High)
Affected products
Fixed
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
A flaw was found in the golang cmd/go standard library. A line directive ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to pass during compilation. This can result in the unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.
8.1 (High)
Affected products
Fixed
22 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
41 references
Acknowledgments
GMO Cybersecurity by Ierae, Inc.
Takeshi Kaneko
Martin Seemann
Marten Seemann
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the go-toolset:rhel8 module is now available for Red Hat Enterprise Linux 8.",
"title": "Topic"
},
{
"category": "general",
"text": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHBA-2023:6928",
"url": "https://access.redhat.com/errata/RHBA-2023:6928"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index"
},
{
"category": "external",
"summary": "2186495",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2186495"
},
{
"category": "external",
"summary": "2226901",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2226901"
},
{
"category": "external",
"summary": "2230599",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2230599"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhba-2023_6928.json"
}
],
"title": "Red Hat Bug Fix Advisory: go-toolset:rhel8 bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-05-19T21:18:08+00:00",
"generator": {
"date": "2026-05-19T21:18:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.8.0"
}
},
"id": "RHBA-2023:6928",
"initial_release_date": "2023-11-14T16:04:55+00:00",
"revision_history": [
{
"date": "2023-11-14T16:04:55+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-14T16:04:55+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-05-19T21:18:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64 (go-toolset:rhel8)",
"product_id": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=aarch64\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=src\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"product": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src (go-toolset:rhel8)",
"product_id": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=src\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"product": {
"name": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src (go-toolset:rhel8)",
"product_id": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.20.2-1.module%2Bel8.9.0%2B18926%2B5193682d?arch=src\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"product": {
"name": "golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch (go-toolset:rhel8)",
"product_id": "golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-docs@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=noarch\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"product": {
"name": "golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch (go-toolset:rhel8)",
"product_id": "golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-misc@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=noarch\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"product": {
"name": "golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch (go-toolset:rhel8)",
"product_id": "golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-src@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=noarch\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"product": {
"name": "golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch (go-toolset:rhel8)",
"product_id": "golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-tests@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=noarch\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le (go-toolset:rhel8)",
"product_id": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=ppc64le\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=s390x\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"product": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x (go-toolset:rhel8)",
"product_id": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=s390x\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=s390x\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64 (go-toolset:rhel8)",
"product_id": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve@1.20.2-1.module%2Bel8.9.0%2B18926%2B5193682d?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debuginfo@1.20.2-1.module%2Bel8.9.0%2B18926%2B5193682d?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"product": {
"name": "delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64 (go-toolset:rhel8)",
"product_id": "delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/delve-debugsource@1.20.2-1.module%2Bel8.9.0%2B18926%2B5193682d?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"product": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64 (go-toolset:rhel8)",
"product_id": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/go-toolset@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64 (go-toolset:rhel8)",
"product_id": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
},
{
"category": "product_version",
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"product": {
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64 (go-toolset:rhel8)",
"product_id": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/golang-bin@1.20.10-1.module%2Bel8.9.0%2B20382%2B04f7fe80?arch=x86_64\u0026rpmmod=go-toolset:rhel8:8090020231013032436:26eb71ac"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8"
},
"product_reference": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8"
},
"product_reference": "delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8"
},
"product_reference": "go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8"
},
"product_reference": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8"
},
"product_reference": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64 (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8"
},
"product_reference": "golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
},
"product_reference": "golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
},
"product_reference": "golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
},
"product_reference": "golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch (go-toolset:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
},
"product_reference": "golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"relates_to_product_reference": "AppStream-8.9.0.GA"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39318",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237776"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not properly handle HMTL-like \"\u003c!--\" and \"--\u003e\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This issue may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of HTML-like comments within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39318"
},
{
"category": "external",
"summary": "RHBZ#2237776",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237776"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39318"
},
{
"category": "external",
"summary": "https://go.dev/cl/526156",
"url": "https://go.dev/cl/526156"
},
{
"category": "external",
"summary": "https://go.dev/issue/62196",
"url": "https://go.dev/issue/62196"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2041.json",
"url": "https://vuln.go.dev/ID/GO-2023-2041.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T16:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6928"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of HTML-like comments within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Takeshi Kaneko"
],
"organization": "GMO Cybersecurity by Ierae, Inc."
}
],
"cve": "CVE-2023-39319",
"cwe": {
"id": "CWE-79",
"name": "Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237773"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. The html/template package did not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This issue may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: html/template: improper handling of special tags within script contexts",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39319"
},
{
"category": "external",
"summary": "RHBZ#2237773",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237773"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39319"
},
{
"category": "external",
"summary": "https://go.dev/cl/526157",
"url": "https://go.dev/cl/526157"
},
{
"category": "external",
"summary": "https://go.dev/issue/62197",
"url": "https://go.dev/issue/62197"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2043.json",
"url": "https://vuln.go.dev/ID/GO-2023-2043.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T16:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6928"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: html/template: improper handling of special tags within script contexts"
},
{
"acknowledgments": [
{
"names": [
"Martin Seemann"
]
}
],
"cve": "CVE-2023-39321",
"cwe": {
"id": "CWE-805",
"name": "Buffer Access with Incorrect Length Value"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237777"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. Processing an incomplete post-handshake message for a QUIC connection caused a panic.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The flaw has been marked as moderate instead of high like NVD \nQUICConn.HandleData buffers data and passes it to handlePostHandshakeMessage every time the buffer contains a complete message, while HandleData doesn\u0027t limit the amount of data it can buffer, a panic or denial of service would likely be lower severity,also in order to exploit this vulnerability, an attacker would have to smuggle partial handshake data which might be rejected altogether as per tls RFC specification.Therfore because of a lower severity denial of service and conditions that are beyond the scope of attackers control,we have marked this as moderate severity",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39321"
},
{
"category": "external",
"summary": "RHBZ#2237777",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237777"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39321"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39321"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2044.json",
"url": "https://vuln.go.dev/ID/GO-2023-2044.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T16:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6928"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: panic when processing post-handshake message on QUIC connections"
},
{
"acknowledgments": [
{
"names": [
"Marten Seemann"
]
}
],
"cve": "CVE-2023-39322",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2023-09-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2237778"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Golang. QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With the fix, connections now consistently reject messages larger than 65KiB in size.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: crypto/tls: lack of a limit on buffered post-handshake",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "A vulnerability was found in the Go QUIC protocol implementation in the logic that processes post-handshake messages. It is an uncontrolled resource consumption flaw, triggered when a malicious connection sends data without an enforced upper bound. This leads to unbounded memory growth, causing the service to crash and resulting in a denial of service.The single-dimensional impact of denial of service and the added complexity of whether the resource exhaustion would happen, being out of an attacker\u0027s control,this has been rated as moderate severity.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39322"
},
{
"category": "external",
"summary": "RHBZ#2237778",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2237778"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39322"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39322"
},
{
"category": "external",
"summary": "https://go.dev/cl/523039",
"url": "https://go.dev/cl/523039"
},
{
"category": "external",
"summary": "https://go.dev/issue/62266",
"url": "https://go.dev/issue/62266"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ",
"url": "https://groups.google.com/g/golang-dev/c/2C5vbR-UNkI/m/L1hdrPhfBAAJ"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2045.json",
"url": "https://vuln.go.dev/ID/GO-2023-2045.json"
}
],
"release_date": "2023-09-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T16:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6928"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: crypto/tls: lack of a limit on buffered post-handshake"
},
{
"cve": "CVE-2023-39323",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242544"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang cmd/go standard library. A line directive (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to pass during compilation. This can result in the unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/go: line directives allows arbitrary execution during build",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires knowledge of the absolute path to the file containing the malicious directive, which significantly limits its feasibility for external attackers unless they already have local access or detailed knowledge of the system\u0027s layout. To exploit the vulnerability, an attacker must also convince a developer to download and build a malicious Go module\u2014an action typically constrained by trusted workflows and package verification.\n\nImportantly, this vulnerability does not impact running applications. Instead, it targets the development process, specifically developers or CI/CD pipelines during the build phase, further narrowing its scope.\n\nAs a result, this issue has been rated Moderate due to the multiple complex and unlikely prerequisites required for a successful exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39323"
},
{
"category": "external",
"summary": "RHBZ#2242544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242544"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39323",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39323"
},
{
"category": "external",
"summary": "https://go.dev/cl/533215",
"url": "https://go.dev/cl/533215"
},
{
"category": "external",
"summary": "https://go.dev/issue/63211",
"url": "https://go.dev/issue/63211"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XBa1oHDevAo",
"url": "https://groups.google.com/g/golang-announce/c/XBa1oHDevAo"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2095.json",
"url": "https://vuln.go.dev/ID/GO-2023-2095.json"
}
],
"release_date": "2023-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-14T16:04:55+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHBA-2023:6928"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debuginfo-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:delve-debugsource-0:1.20.2-1.module+el8.9.0+18926+5193682d.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:go-toolset-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.src::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.aarch64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.ppc64le::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.s390x::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-bin-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.x86_64::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-docs-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-misc-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-src-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8",
"AppStream-8.9.0.GA:golang-tests-0:1.20.10-1.module+el8.9.0+20382+04f7fe80.noarch::go-toolset:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/go: line directives allows arbitrary execution during build"
}
]
}
RHEA-2023:7311
Vulnerability from csaf_redhat - Published: 2023-11-16 07:58 - Updated: 2026-01-28 18:57Summary
Red Hat Enhancement Advisory: go-toolset-container bug fix and enhancement update
Severity
Moderate
Notes
Topic: An update for go-toolset-container is now available for Red Hat Enterprise Linux 8.
Details: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
A flaw was found in the golang cmd/go standard library. A line directive ("//line") can be used to bypass the restrictions on "//go:cgo_" directives, allowing blocked linker and compiler flags to pass during compilation. This can result in the unexpected execution of arbitrary code when running "go build". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.
8.1 (High)
Affected products
Fixed
8 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: AppStream-8.9.0.GA:rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64 | — |
Vendor Fix
fix
|
|
| Unresolved product id: AppStream-8.9.0.GA:ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64 | — |
Vendor Fix
fix
|
Threats
Impact
Moderate
References
12 references
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for go-toolset-container is now available for Red Hat Enterprise Linux 8.",
"title": "Topic"
},
{
"category": "general",
"text": "For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHEA-2023:7311",
"url": "https://access.redhat.com/errata/RHEA-2023:7311"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.9_release_notes/index"
},
{
"category": "external",
"summary": "2235856",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2235856"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2023/rhea-2023_7311.json"
}
],
"title": "Red Hat Enhancement Advisory: go-toolset-container bug fix and enhancement update",
"tracking": {
"current_release_date": "2026-01-28T18:57:55+00:00",
"generator": {
"date": "2026-01-28T18:57:55+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.16"
}
},
"id": "RHEA-2023:7311",
"initial_release_date": "2023-11-16T07:58:05+00:00",
"revision_history": [
{
"date": "2023-11-16T07:58:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2023-11-16T07:58:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2026-01-28T18:57:55+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"product": {
"name": "ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"product_id": "ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5?arch=amd64\u0026repository_url=registry.redhat.io/ubi8/go-toolset\u0026tag=1.20.10-3"
}
}
},
{
"category": "product_version",
"name": "rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"product": {
"name": "rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"product_id": "rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5?arch=amd64\u0026repository_url=registry.redhat.io/rhel8/go-toolset\u0026tag=1.20.10-3"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"product": {
"name": "ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"product_id": "ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9?arch=s390x\u0026repository_url=registry.redhat.io/ubi8/go-toolset\u0026tag=1.20.10-3"
}
}
},
{
"category": "product_version",
"name": "rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"product": {
"name": "rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"product_id": "rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"product_identification_helper": {
"purl": "pkg:oci/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9?arch=s390x\u0026repository_url=registry.redhat.io/rhel8/go-toolset\u0026tag=1.20.10-3"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"product": {
"name": "ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"product_id": "ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015?arch=ppc64le\u0026repository_url=registry.redhat.io/ubi8/go-toolset\u0026tag=1.20.10-3"
}
}
},
{
"category": "product_version",
"name": "rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"product": {
"name": "rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"product_id": "rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015?arch=ppc64le\u0026repository_url=registry.redhat.io/rhel8/go-toolset\u0026tag=1.20.10-3"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"product": {
"name": "ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"product_id": "ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a?arch=arm64\u0026repository_url=registry.redhat.io/ubi8/go-toolset\u0026tag=1.20.10-3"
}
}
},
{
"category": "product_version",
"name": "rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"product": {
"name": "rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"product_id": "rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"product_identification_helper": {
"purl": "pkg:oci/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a?arch=arm64\u0026repository_url=registry.redhat.io/rhel8/go-toolset\u0026tag=1.20.10-3"
}
}
}
],
"category": "architecture",
"name": "arm64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le"
},
"product_reference": "rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x"
},
"product_reference": "rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64"
},
"product_reference": "rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64"
},
"product_reference": "rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le"
},
"product_reference": "ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x"
},
"product_reference": "ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64"
},
"product_reference": "ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"relates_to_product_reference": "AppStream-8.9.0.GA"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.9.0.GA:ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64"
},
"product_reference": "ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"relates_to_product_reference": "AppStream-8.9.0.GA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39323",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2023-10-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2242544"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the golang cmd/go standard library. A line directive (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to pass during compilation. This can result in the unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: cmd/go: line directives allows arbitrary execution during build",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This attack requires knowledge of the absolute path to the file containing the malicious directive, which significantly limits its feasibility for external attackers unless they already have local access or detailed knowledge of the system\u0027s layout. To exploit the vulnerability, an attacker must also convince a developer to download and build a malicious Go module\u2014an action typically constrained by trusted workflows and package verification.\n\nImportantly, this vulnerability does not impact running applications. Instead, it targets the development process, specifically developers or CI/CD pipelines during the build phase, further narrowing its scope.\n\nAs a result, this issue has been rated Moderate due to the multiple complex and unlikely prerequisites required for a successful exploit.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-39323"
},
{
"category": "external",
"summary": "RHBZ#2242544",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2242544"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-39323",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-39323"
},
{
"category": "external",
"summary": "https://go.dev/cl/533215",
"url": "https://go.dev/cl/533215"
},
{
"category": "external",
"summary": "https://go.dev/issue/63211",
"url": "https://go.dev/issue/63211"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XBa1oHDevAo",
"url": "https://groups.google.com/g/golang-announce/c/XBa1oHDevAo"
},
{
"category": "external",
"summary": "https://vuln.go.dev/ID/GO-2023-2095.json",
"url": "https://vuln.go.dev/ID/GO-2023-2095.json"
}
],
"release_date": "2023-10-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2023-11-16T07:58:05+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHEA-2023:7311"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"AppStream-8.9.0.GA:rhel8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:1438b41a97337f91f08a7f4d6b859cc5232f1defb6067873a0dfe20970774015_ppc64le",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:697a8aa186f930077c1f766a56a8bc7c78f052aa55f77e99360d4f3150c525a9_s390x",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:c5e43b8090e6ed26c86143a4d7e6ff8fb8556485293f1343c1d7522f7e4c01c5_amd64",
"AppStream-8.9.0.GA:ubi8/go-toolset@sha256:cb8b8324d59b195dd02c71e5368d2022d6eef4d34d1a4bc3a6386656f5ae172a_arm64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: cmd/go: line directives allows arbitrary execution during build"
}
]
}
SUSE-SU-2023:4017-1
Vulnerability from csaf_suse - Published: 2023-10-09 17:23 - Updated: 2023-10-09 17:23Summary
Security update for go1.21
Severity
Important
Notes
Title of the patch: Security update for go1.21
Description of the patch: This update for go1.21 fixes the following issues:
- Updated to version 1.21.2 (bsc#1212475):
- CVE-2023-39323: Fixed an arbitrary execution issue during build
time due to path directive bypass (bsc#1215985).
Patchnames: SUSE-2023-4017,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4017,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4017,openSUSE-SLE-15.4-2023-4017,openSUSE-SLE-15.5-2023-4017
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.21",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.21 fixes the following issues:\n\n- Updated to version 1.21.2 (bsc#1212475):\n\n - CVE-2023-39323: Fixed an arbitrary execution issue during build\n time due to path directive bypass (bsc#1215985).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4017,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4017,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4017,openSUSE-SLE-15.4-2023-4017,openSUSE-SLE-15.5-2023-4017",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4017-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4017-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234017-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4017-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016574.html"
},
{
"category": "self",
"summary": "SUSE Bug 1212475",
"url": "https://bugzilla.suse.com/1212475"
},
{
"category": "self",
"summary": "SUSE Bug 1215985",
"url": "https://bugzilla.suse.com/1215985"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39323 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39323/"
}
],
"title": "Security update for go1.21",
"tracking": {
"current_release_date": "2023-10-09T17:23:30Z",
"generator": {
"date": "2023-10-09T17:23:30Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4017-1",
"initial_release_date": "2023-10-09T17:23:30Z",
"revision_history": [
{
"date": "2023-10-09T17:23:30Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.21-1.21.2-150000.1.9.1.aarch64",
"product": {
"name": "go1.21-1.21.2-150000.1.9.1.aarch64",
"product_id": "go1.21-1.21.2-150000.1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"product": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"product_id": "go1.21-doc-1.21.2-150000.1.9.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.21-race-1.21.2-150000.1.9.1.aarch64",
"product": {
"name": "go1.21-race-1.21.2-150000.1.9.1.aarch64",
"product_id": "go1.21-race-1.21.2-150000.1.9.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-1.21.2-150000.1.9.1.i586",
"product": {
"name": "go1.21-1.21.2-150000.1.9.1.i586",
"product_id": "go1.21-1.21.2-150000.1.9.1.i586"
}
},
{
"category": "product_version",
"name": "go1.21-doc-1.21.2-150000.1.9.1.i586",
"product": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.i586",
"product_id": "go1.21-doc-1.21.2-150000.1.9.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-1.21.2-150000.1.9.1.ppc64le",
"product": {
"name": "go1.21-1.21.2-150000.1.9.1.ppc64le",
"product_id": "go1.21-1.21.2-150000.1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"product": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"product_id": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"product": {
"name": "go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"product_id": "go1.21-race-1.21.2-150000.1.9.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-1.21.2-150000.1.9.1.s390x",
"product": {
"name": "go1.21-1.21.2-150000.1.9.1.s390x",
"product_id": "go1.21-1.21.2-150000.1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.21-doc-1.21.2-150000.1.9.1.s390x",
"product": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.s390x",
"product_id": "go1.21-doc-1.21.2-150000.1.9.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.21-race-1.21.2-150000.1.9.1.s390x",
"product": {
"name": "go1.21-race-1.21.2-150000.1.9.1.s390x",
"product_id": "go1.21-race-1.21.2-150000.1.9.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-1.21.2-150000.1.9.1.x86_64",
"product": {
"name": "go1.21-1.21.2-150000.1.9.1.x86_64",
"product_id": "go1.21-1.21.2-150000.1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"product": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"product_id": "go1.21-doc-1.21.2-150000.1.9.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.21-race-1.21.2-150000.1.9.1.x86_64",
"product": {
"name": "go1.21-race-1.21.2-150000.1.9.1.x86_64",
"product_id": "go1.21-race-1.21.2-150000.1.9.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-1.21.2-150000.1.9.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-doc-1.21.2-150000.1.9.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.aarch64"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.ppc64le"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.s390x"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-race-1.21.2-150000.1.9.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.x86_64"
},
"product_reference": "go1.21-race-1.21.2-150000.1.9.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39323"
}
],
"notes": [
{
"category": "general",
"text": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39323",
"url": "https://www.suse.com/security/cve/CVE-2023-39323"
},
{
"category": "external",
"summary": "SUSE Bug 1215985 for CVE-2023-39323",
"url": "https://bugzilla.suse.com/1215985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-race-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-race-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.21-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.4:go1.21-race-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.21-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.21-doc-1.21.2-150000.1.9.1.x86_64",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.aarch64",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.ppc64le",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.s390x",
"openSUSE Leap 15.5:go1.21-race-1.21.2-150000.1.9.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-10-09T17:23:30Z",
"details": "important"
}
],
"title": "CVE-2023-39323"
}
]
}
SUSE-SU-2023:4018-1
Vulnerability from csaf_suse - Published: 2023-10-09 17:24 - Updated: 2023-10-09 17:24Summary
Security update for go1.20
Severity
Important
Notes
Title of the patch: Security update for go1.20
Description of the patch: This update for go1.20 fixes the following issues:
- Updated to version 1.20.9 (bsc#1206346):
- CVE-2023-39323: Fixed an arbitrary execution issue during build
time due to path directive bypass (bsc#1215985).
Patchnames: SUSE-2023-4018,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4018,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4018,openSUSE-SLE-15.4-2023-4018,openSUSE-SLE-15.5-2023-4018
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
46 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
References
9 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.20",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.20 fixes the following issues:\n\n- Updated to version 1.20.9 (bsc#1206346):\n\n - CVE-2023-39323: Fixed an arbitrary execution issue during build\n time due to path directive bypass (bsc#1215985).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4018,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4018,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4018,openSUSE-SLE-15.4-2023-4018,openSUSE-SLE-15.5-2023-4018",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4018-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4018-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234018-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4018-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016573.html"
},
{
"category": "self",
"summary": "SUSE Bug 1206346",
"url": "https://bugzilla.suse.com/1206346"
},
{
"category": "self",
"summary": "SUSE Bug 1215985",
"url": "https://bugzilla.suse.com/1215985"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39323 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39323/"
}
],
"title": "Security update for go1.20",
"tracking": {
"current_release_date": "2023-10-09T17:24:03Z",
"generator": {
"date": "2023-10-09T17:24:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4018-1",
"initial_release_date": "2023-10-09T17:24:03Z",
"revision_history": [
{
"date": "2023-10-09T17:24:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.20-1.20.9-150000.1.26.1.aarch64",
"product": {
"name": "go1.20-1.20.9-150000.1.26.1.aarch64",
"product_id": "go1.20-1.20.9-150000.1.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"product": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"product_id": "go1.20-doc-1.20.9-150000.1.26.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.20-race-1.20.9-150000.1.26.1.aarch64",
"product": {
"name": "go1.20-race-1.20.9-150000.1.26.1.aarch64",
"product_id": "go1.20-race-1.20.9-150000.1.26.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.20-1.20.9-150000.1.26.1.i586",
"product": {
"name": "go1.20-1.20.9-150000.1.26.1.i586",
"product_id": "go1.20-1.20.9-150000.1.26.1.i586"
}
},
{
"category": "product_version",
"name": "go1.20-doc-1.20.9-150000.1.26.1.i586",
"product": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.i586",
"product_id": "go1.20-doc-1.20.9-150000.1.26.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.20-1.20.9-150000.1.26.1.ppc64le",
"product": {
"name": "go1.20-1.20.9-150000.1.26.1.ppc64le",
"product_id": "go1.20-1.20.9-150000.1.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"product": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"product_id": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"product": {
"name": "go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"product_id": "go1.20-race-1.20.9-150000.1.26.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.20-1.20.9-150000.1.26.1.s390x",
"product": {
"name": "go1.20-1.20.9-150000.1.26.1.s390x",
"product_id": "go1.20-1.20.9-150000.1.26.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.20-doc-1.20.9-150000.1.26.1.s390x",
"product": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.s390x",
"product_id": "go1.20-doc-1.20.9-150000.1.26.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.20-race-1.20.9-150000.1.26.1.s390x",
"product": {
"name": "go1.20-race-1.20.9-150000.1.26.1.s390x",
"product_id": "go1.20-race-1.20.9-150000.1.26.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.20-1.20.9-150000.1.26.1.x86_64",
"product": {
"name": "go1.20-1.20.9-150000.1.26.1.x86_64",
"product_id": "go1.20-1.20.9-150000.1.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"product": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"product_id": "go1.20-doc-1.20.9-150000.1.26.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.20-race-1.20.9-150000.1.26.1.x86_64",
"product": {
"name": "go1.20-race-1.20.9-150000.1.26.1.x86_64",
"product_id": "go1.20-race-1.20.9-150000.1.26.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-1.20.9-150000.1.26.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-doc-1.20.9-150000.1.26.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.aarch64"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.ppc64le"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.s390x"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-race-1.20.9-150000.1.26.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.x86_64"
},
"product_reference": "go1.20-race-1.20.9-150000.1.26.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39323"
}
],
"notes": [
{
"category": "general",
"text": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39323",
"url": "https://www.suse.com/security/cve/CVE-2023-39323"
},
{
"category": "external",
"summary": "SUSE Bug 1215985 for CVE-2023-39323",
"url": "https://bugzilla.suse.com/1215985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-race-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-race-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.4:go1.20-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.4:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.4:go1.20-race-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.5:go1.20-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.5:go1.20-doc-1.20.9-150000.1.26.1.x86_64",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.aarch64",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.ppc64le",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.s390x",
"openSUSE Leap 15.5:go1.20-race-1.20.9-150000.1.26.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-10-09T17:24:03Z",
"details": "important"
}
],
"title": "CVE-2023-39323"
}
]
}
SUSE-SU-2023:4469-1
Vulnerability from csaf_suse - Published: 2023-11-16 17:59 - Updated: 2023-11-16 17:59Summary
Security update for go1.21-openssl
Severity
Moderate
Notes
Title of the patch: Security update for go1.21-openssl
Description of the patch: This update for go1.21-openssl fixes the following issues:
Update to version 1.21.4.1 cut from the go1.21-openssl-fips
branch at the revision tagged go1.21.4-1-openssl-fips.
* Update to go1.21.4
go1.21.4 (released 2023-11-07) includes security fixes to the
path/filepath package, as well as bug fixes to the linker, the
runtime, the compiler, and the go/types, net/http, and
runtime/cgo packages.
* security: fix CVE-2023-45283 CVE-2023-45284 path/filepath: insecure parsing of Windows paths (bsc#1216943, bsc#1216944)
* spec: update unification rules
* cmd/compile: internal compiler error: expected struct value to have type struct
* cmd/link: split text sections for arm 32-bit
* runtime: MADV_COLLAPSE causes production performance issues on Linux
* go/types, x/tools/go/ssa: panic: type param without replacement encountered
* cmd/compile: -buildmode=c-archive produces code not suitable for use in a shared object on arm64
* net/http: http2 page fails on firefox/safari if pushing resources
Initial package go1.21-openssl version 1.21.3.1 cut from the
go1.21-openssl-fips branch at the revision tagged
go1.21.3-1-openssl-fips. (jsc#SLE-18320)
* Go upstream merged branch dev.boringcrypto in go1.19+.
* In go1.x enable BoringCrypto via GOEXPERIMENT=boringcrypto.
* In go1.x-openssl enable FIPS mode (or boring mode as the
package is named) either via an environment variable
GOLANG_FIPS=1 or by virtue of booting the host in FIPS mode.
* When the operating system is operating in FIPS mode, Go
applications which import crypto/tls/fipsonly limit operations
to the FIPS ciphersuite.
* go1.x-openssl is delivered as two large patches to go1.x
applying necessary modifications from the golang-fips/go GitHub
project for the Go crypto library to use OpenSSL as the
external cryptographic library in a FIPS compliant way.
* go1.x-openssl modifies the crypto/* packages to use OpenSSL for
cryptographic operations.
* go1.x-openssl uses dlopen() to call into OpenSSL.
* SUSE RPM packaging introduces a fourth version digit go1.x.y.z
corresponding to the golang-fips/go patchset tagged revision.
* Patchset improvements can be updated independently of upstream
Go maintenance releases.
Patchnames: SUSE-2023-4469,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4469,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4469,openSUSE-SLE-15.4-2023-4469,openSUSE-SLE-15.5-2023-4469
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
6.8 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
7.7 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.8 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
55 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.21-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.21-openssl fixes the following issues:\n\nUpdate to version 1.21.4.1 cut from the go1.21-openssl-fips\nbranch at the revision tagged go1.21.4-1-openssl-fips.\n\n* Update to go1.21.4\n\n\ngo1.21.4 (released 2023-11-07) includes security fixes to the\npath/filepath package, as well as bug fixes to the linker, the\nruntime, the compiler, and the go/types, net/http, and\nruntime/cgo packages.\n\n* security: fix CVE-2023-45283 CVE-2023-45284 path/filepath: insecure parsing of Windows paths (bsc#1216943, bsc#1216944)\n* spec: update unification rules\n* cmd/compile: internal compiler error: expected struct value to have type struct\n* cmd/link: split text sections for arm 32-bit\n* runtime: MADV_COLLAPSE causes production performance issues on Linux\n* go/types, x/tools/go/ssa: panic: type param without replacement encountered\n* cmd/compile: -buildmode=c-archive produces code not suitable for use in a shared object on arm64\n* net/http: http2 page fails on firefox/safari if pushing resources\n\n\nInitial package go1.21-openssl version 1.21.3.1 cut from the\ngo1.21-openssl-fips branch at the revision tagged\ngo1.21.3-1-openssl-fips. (jsc#SLE-18320)\n\n* Go upstream merged branch dev.boringcrypto in go1.19+.\n* In go1.x enable BoringCrypto via GOEXPERIMENT=boringcrypto.\n* In go1.x-openssl enable FIPS mode (or boring mode as the\n package is named) either via an environment variable\n GOLANG_FIPS=1 or by virtue of booting the host in FIPS mode.\n* When the operating system is operating in FIPS mode, Go\n applications which import crypto/tls/fipsonly limit operations\n to the FIPS ciphersuite.\n* go1.x-openssl is delivered as two large patches to go1.x\n applying necessary modifications from the golang-fips/go GitHub\n project for the Go crypto library to use OpenSSL as the\n external cryptographic library in a FIPS compliant way.\n* go1.x-openssl modifies the crypto/* packages to use OpenSSL for\n cryptographic operations.\n* go1.x-openssl uses dlopen() to call into OpenSSL.\n* SUSE RPM packaging introduces a fourth version digit go1.x.y.z\n corresponding to the golang-fips/go patchset tagged revision.\n* Patchset improvements can be updated independently of upstream\n Go maintenance releases.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4469,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4469,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4469,openSUSE-SLE-15.4-2023-4469,openSUSE-SLE-15.5-2023-4469",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4469-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4469-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234469-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4469-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-November/017050.html"
},
{
"category": "self",
"summary": "SUSE Bug 1212475",
"url": "https://bugzilla.suse.com/1212475"
},
{
"category": "self",
"summary": "SUSE Bug 1212667",
"url": "https://bugzilla.suse.com/1212667"
},
{
"category": "self",
"summary": "SUSE Bug 1212669",
"url": "https://bugzilla.suse.com/1212669"
},
{
"category": "self",
"summary": "SUSE Bug 1215084",
"url": "https://bugzilla.suse.com/1215084"
},
{
"category": "self",
"summary": "SUSE Bug 1215085",
"url": "https://bugzilla.suse.com/1215085"
},
{
"category": "self",
"summary": "SUSE Bug 1215086",
"url": "https://bugzilla.suse.com/1215086"
},
{
"category": "self",
"summary": "SUSE Bug 1215087",
"url": "https://bugzilla.suse.com/1215087"
},
{
"category": "self",
"summary": "SUSE Bug 1215090",
"url": "https://bugzilla.suse.com/1215090"
},
{
"category": "self",
"summary": "SUSE Bug 1215985",
"url": "https://bugzilla.suse.com/1215985"
},
{
"category": "self",
"summary": "SUSE Bug 1216109",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "self",
"summary": "SUSE Bug 1216943",
"url": "https://bugzilla.suse.com/1216943"
},
{
"category": "self",
"summary": "SUSE Bug 1216944",
"url": "https://bugzilla.suse.com/1216944"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39318 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39318/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39319 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39319/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39320 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39320/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39321 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39321/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39322 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39322/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39323 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39325 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-44487 page",
"url": "https://www.suse.com/security/cve/CVE-2023-44487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45283 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45284 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45284/"
}
],
"title": "Security update for go1.21-openssl",
"tracking": {
"current_release_date": "2023-11-16T17:59:49Z",
"generator": {
"date": "2023-11-16T17:59:49Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4469-1",
"initial_release_date": "2023-11-16T17:59:49Z",
"revision_history": [
{
"date": "2023-11-16T17:59:49Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"product": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"product_id": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"product": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"product_id": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"product": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"product_id": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.i586",
"product": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.i586",
"product_id": "go1.21-openssl-1.21.4.1-150000.1.5.1.i586"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.i586",
"product": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.i586",
"product_id": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"product": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"product_id": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"product": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"product_id": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"product": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"product_id": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"product": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"product_id": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"product": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"product_id": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"product": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"product_id": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"product": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"product_id": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"product": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"product_id": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"product": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"product_id": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
},
"product_reference": "go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39318",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39318"
}
],
"notes": [
{
"category": "general",
"text": "The html/template package does not properly handle HTML-like \"\" comment tokens, nor hashbang \"#!\" comment tokens, in \u003cscript\u003e contexts. This may cause the template parser to improperly interpret the contents of \u003cscript\u003e contexts, causing actions to be improperly escaped. This may be leveraged to perform an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39318",
"url": "https://www.suse.com/security/cve/CVE-2023-39318"
},
{
"category": "external",
"summary": "SUSE Bug 1215084 for CVE-2023-39318",
"url": "https://bugzilla.suse.com/1215084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2023-39318"
},
{
"cve": "CVE-2023-39319",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39319"
}
],
"notes": [
{
"category": "general",
"text": "The html/template package does not apply the proper rules for handling occurrences of \"\u003cscript\", \"\u003c!--\", and \"\u003c/script\" within JS literals in \u003cscript\u003e contexts. This may cause the template parser to improperly consider script contexts to be terminated early, causing actions to be improperly escaped. This could be leveraged to perform an XSS attack.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39319",
"url": "https://www.suse.com/security/cve/CVE-2023-39319"
},
{
"category": "external",
"summary": "SUSE Bug 1215085 for CVE-2023-39319",
"url": "https://bugzilla.suse.com/1215085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2023-39319"
},
{
"cve": "CVE-2023-39320",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39320"
}
],
"notes": [
{
"category": "general",
"text": "The go.mod toolchain directive, introduced in Go 1.21, can be leveraged to execute scripts and binaries relative to the root of the module when the \"go\" command was executed within the module. This applies to modules downloaded using the \"go\" command from the module proxy, as well as modules downloaded directly using VCS software.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39320",
"url": "https://www.suse.com/security/cve/CVE-2023-39320"
},
{
"category": "external",
"summary": "SUSE Bug 1215086 for CVE-2023-39320",
"url": "https://bugzilla.suse.com/1215086"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2023-39320"
},
{
"cve": "CVE-2023-39321",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39321"
}
],
"notes": [
{
"category": "general",
"text": "Processing an incomplete post-handshake message for a QUIC connection can cause a panic.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39321",
"url": "https://www.suse.com/security/cve/CVE-2023-39321"
},
{
"category": "external",
"summary": "SUSE Bug 1215087 for CVE-2023-39321",
"url": "https://bugzilla.suse.com/1215087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2023-39321"
},
{
"cve": "CVE-2023-39322",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39322"
}
],
"notes": [
{
"category": "general",
"text": "QUIC connections do not set an upper bound on the amount of data buffered when reading post-handshake messages, allowing a malicious QUIC connection to cause unbounded memory growth. With fix, connections now consistently reject messages larger than 65KiB in size.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39322",
"url": "https://www.suse.com/security/cve/CVE-2023-39322"
},
{
"category": "external",
"summary": "SUSE Bug 1215087 for CVE-2023-39322",
"url": "https://bugzilla.suse.com/1215087"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2023-39322"
},
{
"cve": "CVE-2023-39323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39323"
}
],
"notes": [
{
"category": "general",
"text": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39323",
"url": "https://www.suse.com/security/cve/CVE-2023-39323"
},
{
"category": "external",
"summary": "SUSE Bug 1215985 for CVE-2023-39323",
"url": "https://bugzilla.suse.com/1215985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2023-39323"
},
{
"cve": "CVE-2023-39325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39325"
}
],
"notes": [
{
"category": "general",
"text": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39325",
"url": "https://www.suse.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "SUSE Bug 1216109 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "external",
"summary": "SUSE Bug 1230323 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1230323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2023-39325"
},
{
"cve": "CVE-2023-44487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-44487"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-44487",
"url": "https://www.suse.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "SUSE Bug 1216109 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "external",
"summary": "SUSE Bug 1216123 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216123"
},
{
"category": "external",
"summary": "SUSE Bug 1216169 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216169"
},
{
"category": "external",
"summary": "SUSE Bug 1216171 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216171"
},
{
"category": "external",
"summary": "SUSE Bug 1216174 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216174"
},
{
"category": "external",
"summary": "SUSE Bug 1216176 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216176"
},
{
"category": "external",
"summary": "SUSE Bug 1216181 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216181"
},
{
"category": "external",
"summary": "SUSE Bug 1216182 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216182"
},
{
"category": "external",
"summary": "SUSE Bug 1216190 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "important"
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45283"
}
],
"notes": [
{
"category": "general",
"text": "The filepath package does not recognize paths with a \\??\\ prefix as special. On Windows, a path beginning with \\??\\ is a Root Local Device path equivalent to a path beginning with \\\\?\\. Paths with a \\??\\ prefix may be used to access arbitrary locations on the system. For example, the path \\??\\c:\\x is equivalent to the more common path c:\\x. Before fix, Clean could convert a rooted path such as \\a\\..\\??\\b into the root local device path \\??\\b. Clean will now convert this to .\\??\\b. Similarly, Join(\\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \\??\\b. Join will now convert this to \\.\\??\\b. In addition, with fix, IsAbs now correctly reports paths beginning with \\??\\ as absolute, and VolumeName correctly reports the \\??\\ prefix as a volume name. UPDATE: Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the volume name in Windows paths starting with \\?, resulting in filepath.Clean(\\?\\c:) returning \\?\\c: rather than \\?\\c:\\ (among other effects). The previous behavior has been restored.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45283",
"url": "https://www.suse.com/security/cve/CVE-2023-45283"
},
{
"category": "external",
"summary": "SUSE Bug 1216943 for CVE-2023-45283",
"url": "https://bugzilla.suse.com/1216943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2023-45283"
},
{
"cve": "CVE-2023-45284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45284"
}
],
"notes": [
{
"category": "general",
"text": "On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as \"COM1 \", and reserved names \"COM\" and \"LPT\" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45284",
"url": "https://www.suse.com/security/cve/CVE-2023-45284"
},
{
"category": "external",
"summary": "SUSE Bug 1216944 for CVE-2023-45284",
"url": "https://bugzilla.suse.com/1216944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.4:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.4.1-150000.1.5.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.4.1-150000.1.5.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T17:59:49Z",
"details": "moderate"
}
],
"title": "CVE-2023-45284"
}
]
}
SUSE-SU-2023:4472-1
Vulnerability from csaf_suse - Published: 2023-11-16 18:01 - Updated: 2023-11-16 18:01Summary
Security update for go1.20-openssl
Severity
Important
Notes
Title of the patch: Security update for go1.20-openssl
Description of the patch: This update for go1.20-openssl fixes the following issues:
Update to version 1.20.11.1 cut from the go1.20-openssl-fips
branch at the revision tagged go1.20.11-1-openssl-fips.
* Update to go1.20.11
go1.20.11 (released 2023-11-07) includes security fixes to the
path/filepath package, as well as bug fixes to the linker and the
net/http package.
* security: fix CVE-2023-45283 CVE-2023-45284 path/filepath: insecure parsing of Windows paths (bsc#1216943, bsc#1216944)
* cmd/link: split text sections for arm 32-bit
* net/http: http2 page fails on firefox/safari if pushing resources
Update to version 1.20.10.1 cut from the go1.20-openssl-fips
branch at the revision tagged go1.20.10-1-openssl-fips.
* Update to go1.20.10
go1.20.10 (released 2023-10-10) includes a security fix to the
net/http package.
* security: fix CVE-2023-39325 CVE-2023-44487 net/http: rapid stream resets can cause excessive work (bsc#1216109)
go1.20.9 (released 2023-10-05) includes one security fixes to the
cmd/go package, as well as bug fixes to the go command and the
linker.
* security: fix CVE-2023-39323 cmd/go: line directives allows arbitrary execution during build (bsc#1215985)
* cmd/link: issues with Apple's new linker in Xcode 15 beta
Patchnames: SUSE-2023-4472,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4472,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4472,openSUSE-SLE-15.4-2023-4472,openSUSE-SLE-15.5-2023-4472
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
7.8 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
7.5 (High)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
important
6.8 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.8 (Medium)
Affected products
Recommended
48 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
33 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.20-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.20-openssl fixes the following issues:\n\nUpdate to version 1.20.11.1 cut from the go1.20-openssl-fips\nbranch at the revision tagged go1.20.11-1-openssl-fips.\n\n* Update to go1.20.11\n\n\ngo1.20.11 (released 2023-11-07) includes security fixes to the\npath/filepath package, as well as bug fixes to the linker and the\nnet/http package.\n\n* security: fix CVE-2023-45283 CVE-2023-45284 path/filepath: insecure parsing of Windows paths (bsc#1216943, bsc#1216944)\n* cmd/link: split text sections for arm 32-bit\n* net/http: http2 page fails on firefox/safari if pushing resources\n\n\nUpdate to version 1.20.10.1 cut from the go1.20-openssl-fips\nbranch at the revision tagged go1.20.10-1-openssl-fips.\n\n* Update to go1.20.10\n\n\ngo1.20.10 (released 2023-10-10) includes a security fix to the\nnet/http package.\n\n* security: fix CVE-2023-39325 CVE-2023-44487 net/http: rapid stream resets can cause excessive work (bsc#1216109)\n\n \ngo1.20.9 (released 2023-10-05) includes one security fixes to the\ncmd/go package, as well as bug fixes to the go command and the\nlinker.\n\n* security: fix CVE-2023-39323 cmd/go: line directives allows arbitrary execution during build (bsc#1215985)\n* cmd/link: issues with Apple\u0027s new linker in Xcode 15 beta\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4472,SUSE-SLE-Module-Development-Tools-15-SP4-2023-4472,SUSE-SLE-Module-Development-Tools-15-SP5-2023-4472,openSUSE-SLE-15.4-2023-4472,openSUSE-SLE-15.5-2023-4472",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4472-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4472-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234472-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4472-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-November/017047.html"
},
{
"category": "self",
"summary": "SUSE Bug 1206346",
"url": "https://bugzilla.suse.com/1206346"
},
{
"category": "self",
"summary": "SUSE Bug 1215985",
"url": "https://bugzilla.suse.com/1215985"
},
{
"category": "self",
"summary": "SUSE Bug 1216109",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "self",
"summary": "SUSE Bug 1216943",
"url": "https://bugzilla.suse.com/1216943"
},
{
"category": "self",
"summary": "SUSE Bug 1216944",
"url": "https://bugzilla.suse.com/1216944"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39323 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39323/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-39325 page",
"url": "https://www.suse.com/security/cve/CVE-2023-39325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-44487 page",
"url": "https://www.suse.com/security/cve/CVE-2023-44487/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45283 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45283/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45284 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45284/"
}
],
"title": "Security update for go1.20-openssl",
"tracking": {
"current_release_date": "2023-11-16T18:01:39Z",
"generator": {
"date": "2023-11-16T18:01:39Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4472-1",
"initial_release_date": "2023-11-16T18:01:39Z",
"revision_history": [
{
"date": "2023-11-16T18:01:39Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"product": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"product_id": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"product": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"product_id": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"product": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"product_id": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.i586",
"product": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.i586",
"product_id": "go1.20-openssl-1.20.11.1-150000.1.14.1.i586"
}
},
{
"category": "product_version",
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.i586",
"product": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.i586",
"product_id": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"product": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"product_id": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"product": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"product_id": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"product": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"product_id": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"product": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"product_id": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"product": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"product_id": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"product": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"product_id": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"product": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"product_id": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"product": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"product_id": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"product": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"product_id": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
},
"product_reference": "go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39323",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39323"
}
],
"notes": [
{
"category": "general",
"text": "Line directives (\"//line\") can be used to bypass the restrictions on \"//go:cgo_\" directives, allowing blocked linker and compiler flags to be passed during compilation. This can result in unexpected execution of arbitrary code when running \"go build\". The line directive requires the absolute path of the file in which the directive lives, which makes exploiting this issue significantly more complex.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39323",
"url": "https://www.suse.com/security/cve/CVE-2023-39323"
},
{
"category": "external",
"summary": "SUSE Bug 1215985 for CVE-2023-39323",
"url": "https://bugzilla.suse.com/1215985"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T18:01:39Z",
"details": "important"
}
],
"title": "CVE-2023-39323"
},
{
"cve": "CVE-2023-39325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-39325"
}
],
"notes": [
{
"category": "general",
"text": "A malicious HTTP/2 client which rapidly creates requests and immediately resets them can cause excessive server resource consumption. While the total number of requests is bounded by the http2.Server.MaxConcurrentStreams setting, resetting an in-progress request allows the attacker to create a new request while the existing one is still executing. With the fix applied, HTTP/2 servers now bound the number of simultaneously executing handler goroutines to the stream concurrency limit (MaxConcurrentStreams). New requests arriving when at the limit (which can only happen after the client has reset an existing, in-flight request) will be queued until a handler exits. If the request queue grows too large, the server will terminate the connection. This issue is also fixed in golang.org/x/net/http2 for users manually configuring HTTP/2. The default stream concurrency limit is 250 streams (requests) per HTTP/2 connection. This value may be adjusted using the golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams setting and the ConfigureServer function.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-39325",
"url": "https://www.suse.com/security/cve/CVE-2023-39325"
},
{
"category": "external",
"summary": "SUSE Bug 1216109 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "external",
"summary": "SUSE Bug 1230323 for CVE-2023-39325",
"url": "https://bugzilla.suse.com/1230323"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T18:01:39Z",
"details": "important"
}
],
"title": "CVE-2023-39325"
},
{
"cve": "CVE-2023-44487",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-44487"
}
],
"notes": [
{
"category": "general",
"text": "The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-44487",
"url": "https://www.suse.com/security/cve/CVE-2023-44487"
},
{
"category": "external",
"summary": "SUSE Bug 1216109 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216109"
},
{
"category": "external",
"summary": "SUSE Bug 1216123 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216123"
},
{
"category": "external",
"summary": "SUSE Bug 1216169 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216169"
},
{
"category": "external",
"summary": "SUSE Bug 1216171 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216171"
},
{
"category": "external",
"summary": "SUSE Bug 1216174 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216174"
},
{
"category": "external",
"summary": "SUSE Bug 1216176 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216176"
},
{
"category": "external",
"summary": "SUSE Bug 1216181 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216181"
},
{
"category": "external",
"summary": "SUSE Bug 1216182 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216182"
},
{
"category": "external",
"summary": "SUSE Bug 1216190 for CVE-2023-44487",
"url": "https://bugzilla.suse.com/1216190"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T18:01:39Z",
"details": "important"
}
],
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45283",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45283"
}
],
"notes": [
{
"category": "general",
"text": "The filepath package does not recognize paths with a \\??\\ prefix as special. On Windows, a path beginning with \\??\\ is a Root Local Device path equivalent to a path beginning with \\\\?\\. Paths with a \\??\\ prefix may be used to access arbitrary locations on the system. For example, the path \\??\\c:\\x is equivalent to the more common path c:\\x. Before fix, Clean could convert a rooted path such as \\a\\..\\??\\b into the root local device path \\??\\b. Clean will now convert this to .\\??\\b. Similarly, Join(\\, ??, b) could convert a seemingly innocent sequence of path elements into the root local device path \\??\\b. Join will now convert this to \\.\\??\\b. In addition, with fix, IsAbs now correctly reports paths beginning with \\??\\ as absolute, and VolumeName correctly reports the \\??\\ prefix as a volume name. UPDATE: Go 1.20.11 and Go 1.21.4 inadvertently changed the definition of the volume name in Windows paths starting with \\?, resulting in filepath.Clean(\\?\\c:) returning \\?\\c: rather than \\?\\c:\\ (among other effects). The previous behavior has been restored.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45283",
"url": "https://www.suse.com/security/cve/CVE-2023-45283"
},
{
"category": "external",
"summary": "SUSE Bug 1216943 for CVE-2023-45283",
"url": "https://bugzilla.suse.com/1216943"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T18:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-45283"
},
{
"cve": "CVE-2023-45284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45284"
}
],
"notes": [
{
"category": "general",
"text": "On Windows, The IsLocal function does not correctly detect reserved device names in some cases. Reserved names followed by spaces, such as \"COM1 \", and reserved names \"COM\" and \"LPT\" followed by superscript 1, 2, or 3, are incorrectly reported as local. With fix, IsLocal now correctly reports these names as non-local.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45284",
"url": "https://www.suse.com/security/cve/CVE-2023-45284"
},
{
"category": "external",
"summary": "SUSE Bug 1216944 for CVE-2023-45284",
"url": "https://bugzilla.suse.com/1216944"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.4:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-doc-1.20.11.1-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.20-openssl-race-1.20.11.1-150000.1.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-16T18:01:39Z",
"details": "moderate"
}
],
"title": "CVE-2023-45284"
}
]
}
WID-SEC-W-2023-2516
Vulnerability from csaf_certbund - Published: 2023-09-28 22:00 - Updated: 2025-07-16 22:00Summary
Golang Go: Mehre Schwachstellen
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Go ist eine quelloffene Programmiersprache.
Angriff: Ein Angreifer kann eine Schwachstelle in Golang Go ausnutzen, um einen nicht näher spezifizierten Angriff durchzuführen.
Betroffene Betriebssysteme: - Linux
- MacOS X
- Sonstiges
- Windows
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.8
Splunk / Splunk Enterprise
|
<9.0.8 | ||
|
IBM DB2 REST <1.0.0.1158-amd64
IBM / DB2
|
REST <1.0.0.1158-amd64 | ||
|
Splunk Splunk Enterprise <9.3.1
Splunk / Splunk Enterprise
|
<9.3.1 | ||
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Splunk Splunk Enterprise <9.1.3
Splunk / Splunk Enterprise
|
<9.1.3 | ||
|
IBM Spectrum Protect Plus <10.1.16.2
IBM / Spectrum Protect Plus
|
<10.1.16.2 | ||
|
Splunk Splunk Enterprise <9.2.3
Splunk / Splunk Enterprise
|
<9.2.3 | ||
|
Golang Go <1.21.2
Golang / Go
|
<1.21.2 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Splunk Splunk Enterprise <9.1.6
Splunk / Splunk Enterprise
|
<9.1.6 | ||
|
Golang Go <1.20.9
Golang / Go
|
<1.20.9 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
Affected products
Known affected
17 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Splunk Splunk Enterprise <9.0.8
Splunk / Splunk Enterprise
|
<9.0.8 | ||
|
IBM DB2 REST <1.0.0.1158-amd64
IBM / DB2
|
REST <1.0.0.1158-amd64 | ||
|
Splunk Splunk Enterprise <9.3.1
Splunk / Splunk Enterprise
|
<9.3.1 | ||
|
Xerox FreeFlow Print Server v9
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v9
|
v9 | |
|
Splunk Splunk Enterprise <9.1.3
Splunk / Splunk Enterprise
|
<9.1.3 | ||
|
IBM Spectrum Protect Plus <10.1.16.2
IBM / Spectrum Protect Plus
|
<10.1.16.2 | ||
|
Splunk Splunk Enterprise <9.2.3
Splunk / Splunk Enterprise
|
<9.2.3 | ||
|
Golang Go <1.21.2
Golang / Go
|
<1.21.2 | ||
|
Gentoo Linux
Gentoo
|
cpe:/o:gentoo:linux:-
|
— | |
|
Xerox FreeFlow Print Server v7
Xerox / FreeFlow Print Server
|
cpe:/a:xerox:freeflow_print_server:v7
|
v7 | |
|
Splunk Splunk Enterprise <9.1.6
Splunk / Splunk Enterprise
|
<9.1.6 | ||
|
Golang Go <1.20.9
Golang / Go
|
<1.20.9 | ||
|
Fedora Linux
Fedora
|
cpe:/o:fedoraproject:fedora:-
|
— | |
|
SUSE Linux
SUSE
|
cpe:/o:suse:suse_linux:-
|
— | |
|
Ubuntu Linux
Ubuntu
|
cpe:/o:canonical:ubuntu_linux:-
|
— | |
|
F5 BIG-IP
F5
|
cpe:/a:f5:big-ip:-
|
— | |
|
Amazon Linux 2
Amazon
|
cpe:/o:amazon:linux_2:-
|
— |
References
21 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann eine Schwachstelle in Golang Go ausnutzen, um einen nicht n\u00e4her spezifizierten Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Sonstiges\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-2516 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2516.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-2516 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2516"
},
{
"category": "external",
"summary": "Golang Security Advisory vom 2023-09-28",
"url": "https://groups.google.com/g/golang-announce/c/2dWHvJVFA9s/m/lF9Srr_QAAAJ"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4017-1 vom 2023-10-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016574.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4018-1 vom 2023-10-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-October/016573.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2023-1871 vom 2023-10-19",
"url": "https://alas.aws.amazon.com/ALAS-2023-1871.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-2023-FE53E13B5B vom 2023-10-20",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-2023-fe53e13b5b"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALASECS-2023-016 vom 2023-11-01",
"url": "https://alas.aws.amazon.com/AL2/ALASECS-2023-016.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2023:4472-1 vom 2023-11-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-November/017047.html"
},
{
"category": "external",
"summary": "Fedora Security Advisory FEDORA-EPEL-2023-1C906D04EE vom 2023-11-24",
"url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2023-1c906d04ee"
},
{
"category": "external",
"summary": "Gentoo Linux Security Advisory GLSA-202311-09 vom 2023-11-25",
"url": "https://security.gentoo.org/glsa/202311-09"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7104449 vom 2024-01-02",
"url": "https://www.ibm.com/support/pages/node/7104449"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-6574-1 vom 2024-01-11",
"url": "https://ubuntu.com/security/notices/USN-6574-1"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2024-0109 vom 2024-01-22",
"url": "https://advisory.splunk.com//advisories/SVD-2024-0109"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX24-004 vom 2024-03-04",
"url": "https://security.business.xerox.com/wp-content/uploads/2024/03/Xerox%C2%AE-Security-Bulletin-XRX24-004-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v7.pdf"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX24-005 vom 2024-03-04",
"url": "https://security.business.xerox.com/wp-content/uploads/2024/03/Xerox-Security-Bulletin-XRX24-005-Xerox-FreeFlow%C2%AE-Print-Server-v9_Feb-2024.pdf"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7161954 vom 2024-07-30",
"url": "https://www.ibm.com/support/pages/node/7161954"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2024-1012 vom 2024-10-14",
"url": "https://advisory.splunk.com//advisories/SVD-2024-1012"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7111-1 vom 2024-11-14",
"url": "https://ubuntu.com/security/notices/USN-7111-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7109-1 vom 2024-11-14",
"url": "https://ubuntu.com/security/notices/USN-7109-1"
},
{
"category": "external",
"summary": "F5 Security Advisory K000152607 vom 2025-07-17",
"url": "https://my.f5.com/manage/s/article/K000152607"
}
],
"source_lang": "en-US",
"title": "Golang Go: Mehre Schwachstellen",
"tracking": {
"current_release_date": "2025-07-16T22:00:00.000+00:00",
"generator": {
"date": "2025-07-17T08:16:55.219+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.4.0"
}
},
"id": "WID-SEC-W-2023-2516",
"initial_release_date": "2023-09-28T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-09-28T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2023-10-08T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: GO-2023-2095, 2242544"
},
{
"date": "2023-10-09T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-10-19T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-10-22T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-11-01T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2023-11-16T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2023-11-23T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Fedora aufgenommen"
},
{
"date": "2023-11-26T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Gentoo aufgenommen"
},
{
"date": "2024-01-02T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-01-10T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-01-22T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2024-03-03T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von XEROX aufgenommen"
},
{
"date": "2024-07-30T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-10-14T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Splunk-SVD aufgenommen"
},
{
"date": "2024-11-14T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von F5 aufgenommen"
}
],
"status": "final",
"version": "17"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "F5 BIG-IP",
"product": {
"name": "F5 BIG-IP",
"product_id": "T001663",
"product_identification_helper": {
"cpe": "cpe:/a:f5:big-ip:-"
}
}
}
],
"category": "vendor",
"name": "F5"
},
{
"branches": [
{
"category": "product_name",
"name": "Fedora Linux",
"product": {
"name": "Fedora Linux",
"product_id": "74185",
"product_identification_helper": {
"cpe": "cpe:/o:fedoraproject:fedora:-"
}
}
}
],
"category": "vendor",
"name": "Fedora"
},
{
"branches": [
{
"category": "product_name",
"name": "Gentoo Linux",
"product": {
"name": "Gentoo Linux",
"product_id": "T012167",
"product_identification_helper": {
"cpe": "cpe:/o:gentoo:linux:-"
}
}
}
],
"category": "vendor",
"name": "Gentoo"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.21.2",
"product": {
"name": "Golang Go \u003c1.21.2",
"product_id": "T030161"
}
},
{
"category": "product_version",
"name": "1.21.2",
"product": {
"name": "Golang Go 1.21.2",
"product_id": "T030161-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.21.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.20.9",
"product": {
"name": "Golang Go \u003c1.20.9",
"product_id": "T030162"
}
},
{
"category": "product_version",
"name": "1.20.9",
"product": {
"name": "Golang Go 1.20.9",
"product_id": "T030162-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.20.9"
}
}
}
],
"category": "product_name",
"name": "Go"
}
],
"category": "vendor",
"name": "Golang"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "REST \u003c1.0.0.1158-amd64",
"product": {
"name": "IBM DB2 REST \u003c1.0.0.1158-amd64",
"product_id": "T031843"
}
},
{
"category": "product_version",
"name": "REST 1.0.0.1158-amd64",
"product": {
"name": "IBM DB2 REST 1.0.0.1158-amd64",
"product_id": "T031843-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:rest__1.0.0.1158-amd64"
}
}
}
],
"category": "product_name",
"name": "DB2"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.16.2",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.16.2",
"product_id": "T036379"
}
},
{
"category": "product_version",
"name": "10.1.16.2",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.16.2",
"product_id": "T036379-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.16.2"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.0.8",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.0.8",
"product_id": "T032269"
}
},
{
"category": "product_version",
"name": "9.0.8",
"product": {
"name": "Splunk Splunk Enterprise 9.0.8",
"product_id": "T032269-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.0.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.3",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.3",
"product_id": "T032270"
}
},
{
"category": "product_version",
"name": "9.1.3",
"product": {
"name": "Splunk Splunk Enterprise 9.1.3",
"product_id": "T032270-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.1",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.1",
"product_id": "T038314"
}
},
{
"category": "product_version",
"name": "9.3.1",
"product": {
"name": "Splunk Splunk Enterprise 9.3.1",
"product_id": "T038314-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.3",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.2.3",
"product_id": "T038315"
}
},
{
"category": "product_version",
"name": "9.2.3",
"product": {
"name": "Splunk Splunk Enterprise 9.2.3",
"product_id": "T038315-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.2.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.6",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.6",
"product_id": "T038316"
}
},
{
"category": "product_version",
"name": "9.1.6",
"product": {
"name": "Splunk Splunk Enterprise 9.1.6",
"product_id": "T038316-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.6"
}
}
}
],
"category": "product_name",
"name": "Splunk Enterprise"
}
],
"category": "vendor",
"name": "Splunk"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "v7",
"product": {
"name": "Xerox FreeFlow Print Server v7",
"product_id": "T015631",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v7"
}
}
},
{
"category": "product_version",
"name": "v9",
"product": {
"name": "Xerox FreeFlow Print Server v9",
"product_id": "T015632",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-39323",
"product_status": {
"known_affected": [
"T032269",
"T031843",
"T038314",
"T015632",
"T032270",
"T036379",
"T038315",
"T030161",
"T012167",
"T015631",
"T038316",
"T030162",
"74185",
"T002207",
"T000126",
"T001663",
"398363"
]
},
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-39323"
},
{
"cve": "CVE-2023-39324",
"product_status": {
"known_affected": [
"T032269",
"T031843",
"T038314",
"T015632",
"T032270",
"T036379",
"T038315",
"T030161",
"T012167",
"T015631",
"T038316",
"T030162",
"74185",
"T002207",
"T000126",
"T001663",
"398363"
]
},
"release_date": "2023-09-28T22:00:00.000+00:00",
"title": "CVE-2023-39324"
}
]
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…