CVE-2024-34158 (GCVE-0-2024-34158)
Vulnerability from cvelistv5 – Published: 2024-09-06 20:42 – Updated: 2024-10-04 15:02
Title
Stack exhaustion in Parse in go/build/constraint
Summary
Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-674 - Uncontrolled Recursion
Impacted products
2 products
| Vendor | Product | Version |
|---|---|---|
| Go standard library | go/build/constraint | Affected: 0, < 1.22.7 (semver); Affected: 1.23.0-0, < 1.23.1 (semver) |
| go_build_constraint | go_standard_library | Affected: 0, < 1.22.7 (semver); Affected: 1.23.0-0, < 1.23.1 (semver); cpe:2.3:a:go_build_constraint:go_standard_library:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:go_build_constraint:go_standard_library:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "go_standard_library",
"vendor": "go_build_constraint",
"versions": [
{
"lessThan": "1.22.7",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.23.1",
"status": "affected",
"version": "1.23.0-0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-34158",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-09T13:59:30.881339Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-674",
"description": "CWE-674 Uncontrolled Recursion",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-09T14:04:26.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-10-04T15:02:47.715Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "https://security.netapp.com/advisory/ntap-20241004-0003/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://pkg.go.dev",
"defaultStatus": "unaffected",
"packageName": "go/build/constraint",
"product": "go/build/constraint",
"programRoutines": [
{
"name": "parsePlusBuildExpr"
},
{
"name": "exprParser.not"
},
{
"name": "Parse"
}
],
"vendor": "Go standard library",
"versions": [
{
"lessThan": "1.22.7",
"status": "affected",
"version": "0",
"versionType": "semver"
},
{
"lessThan": "1.23.1",
"status": "affected",
"version": "1.23.0-0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-674: Uncontrolled Recursion",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-09-06T20:42:42.822Z",
"orgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"shortName": "Go"
},
"references": [
{
"url": "https://go.dev/cl/611240"
},
{
"url": "https://go.dev/issue/69141"
},
{
"url": "https://groups.google.com/g/golang-dev/c/S9POB9NCTdk"
},
{
"url": "https://pkg.go.dev/vuln/GO-2024-3107"
}
],
"title": "Stack exhaustion in Parse in go/build/constraint"
}
},
"cveMetadata": {
"assignerOrgId": "1bb62c36-49e3-4200-9d77-64a1400537cc",
"assignerShortName": "Go",
"cveId": "CVE-2024-34158",
"datePublished": "2024-09-06T20:42:42.822Z",
"dateReserved": "2024-05-01T18:45:34.846Z",
"dateUpdated": "2024-10-04T15:02:47.715Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2024-34158",
"date": "2026-06-06",
"epss": "0.00163",
"percentile": "0.37087"
}
}
}
SUSE-SU-2024:3772-1
Vulnerability from csaf_suse - Published: 2024-10-29 13:54 - Updated: 2024-10-29 13:54
Summary
Security update for go1.22-openssl
Severity
Important
Notes
Title of the patch: Security update for go1.22-openssl
Description of the patch: This update for go1.22-openssl fixes the following issues:
This update ships go1.22-openssl 1.22.7.1 (jsc#SLE-18320)
- Update to version 1.22.7.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.7-1-openssl-fips.
* Update to Go 1.22.7 (#229)
- go1.22.7 (released 2024-09-05) includes security fixes to the
encoding/gob, go/build/constraint, and go/parser packages, as
well as bug fixes to the fix command and the runtime.
CVE-2024-34155 CVE-2024-34156 CVE-2024-34158:
- go#69142 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions (CVE-2024-34155)
- go#69144 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode (CVE-2024-34156)
- go#69148 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse (CVE-2024-34158)
- go#68811 os: TestChtimes failures
- go#68825 cmd/fix: fails to run on modules whose go directive value is in '1.n.m' format introduced in Go 1.21.0
- go#68972 cmd/cgo: aix c-archive corrupting stack
- go1.22.6 (released 2024-08-06) includes fixes to the go command,
the compiler, the linker, the trace command, the covdata command,
and the bytes, go/types, and os/exec packages.
* go#68594 cmd/compile: internal compiler error with zero-size types
* go#68546 cmd/trace/v2: pprof profiles always empty
* go#68492 cmd/covdata: too many open files due to defer f.Close() in for loop
* go#68475 bytes: IndexByte can return -4294967295 when memory usage is above 2^31 on js/wasm
* go#68370 go/types: assertion failure in recent range statement checking logic
* go#68331 os/exec: modifications to Path ignored when *Cmd is created using Command with an absolute path on Windows
* go#68230 cmd/compile: inconsistent integer arithmetic result on Go 1.22+arm64 with/without -race
* go#68222 cmd/go: list with -export and -covermode=atomic fails to build
* go#68198 cmd/link: issues with Xcode 16 beta
- Update to version 1.22.5.3 cut from the go1.22-fips-release
branch at the revision tagged go1.22.5-3-openssl-fips.
* Only load openssl if fips == '1'
Avoid loading openssl whenever GOLANG_FIPS is not 1.
Previously only an unset variable would cause the library load
to be skipped, but users may also expect to be able to set eg.
GOLANG_FIPS=0 in environments without openssl.
- Update to version 1.22.5.2 cut from the go1.22-fips-release
branch at the revision tagged go1.22.5-2-openssl-fips.
* Only load OpenSSL when in FIPS mode
- Update to version 1.22.5.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.5-1-openssl-fips.
* Update to go1.22.5
- go1.22.5 (released 2024-07-02) includes security fixes to the
net/http package, as well as bug fixes to the compiler, cgo, the
go command, the linker, the runtime, and the crypto/tls,
go/types, net, net/http, and os/exec packages.
CVE-2024-24791:
* go#68200 go#67555 bsc#1227314 security: fix CVE-2024-24791 net/http: expect: 100-continue handling is broken in various ways
* go#65983 cmd/compile: hash of unhashable type
* go#65994 crypto/tls: segfault when calling tlsrsakex.IncNonDefault()
* go#66598 os/exec: calling Cmd.Start after setting Cmd.Path manually to absolute path without '.exe' no longer implicitly adds '.exe' in Go 1.22
* go#67298 runtime: 'fatal: morestack on g0' on amd64 after upgrade to Go 1.21, stale bounds
* go#67715 cmd/cgo/internal/swig,cmd/go,x/build: swig cgo tests incompatible with C++ toolchain on builders
* go#67798 cmd/compile: internal compiler error: unexpected type: <nil> (<nil>) in for-range
* go#67820 cmd/compile: package-level variable initialization with constant dependencies doesn't match order specified in Go spec
* go#67850 go/internal/gccgoimporter: go building failing with gcc 14.1.0
* go#67934 net: go DNS resolver fails to connect to local DNS server
* go#67945 cmd/link: using -fuzz with test that links with cgo on darwin causes linker failure
* go#68052 cmd/go: go list -u -m all fails loading module retractions: module requires go >= 1.N+1 (running go 1.N)
* go#68122 cmd/link: runtime.mach_vm_region_trampoline: unsupported dynamic relocation for symbol libc_mach_task_self_ (type=29 (R_GOTPCREL) stype=46 (SDYNIMPORT))
- Update to version 1.22.4.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.4-1-openssl-fips.
* Update to go1.22.4
- go1.22.4 (released 2024-06-04) includes security fixes to the
archive/zip and net/netip packages, as well as bug fixes to the
compiler, the go command, the linker, the runtime, and the os
package.
CVE-2024-24789 CVE-2024-24790:
* go#67554 go#66869 bsc#1225973 security: fix CVE-2024-24789 archive/zip: EOCDR comment length handling is inconsistent with other ZIP implementations
* go#67682 go#67680 bsc#1225974 security: fix CVE-2024-24790 net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
* go#67188 runtime/metrics: /memory/classes/heap/unused:bytes spikes
* go#67212 cmd/compile: SIGBUS unaligned access on mips64 via qemu-mips64
* go#67236 cmd/go: mod tidy reports toolchain not available with 'go 1.21'
* go#67258 runtime: unexpected fault address 0
* go#67311 cmd/go: TestScript/gotoolchain_issue66175 fails on tip locally
* go#67314 cmd/go,cmd/link: TestScript/build_issue48319 and TestScript/build_plugin_reproducible failing on LUCI gotip-darwin-amd64-longtest builder due to non-reproducible LC_UUID
* go#67352 crypto/x509: TestPlatformVerifier failures on Windows due to broken connections
* go#67460 cmd/compile: internal compiler error: panic with range over integer value
* go#67527 cmd/link: panic: machorelocsect: size mismatch
* go#67650 runtime: SIGSEGV after performing clone(CLONE_PARENT) via C constructor prior to runtime start
* go#67696 os: RemoveAll susceptible to symlink race
- Update to version 1.22.3.3 cut from the go1.22-fips-release
branch at the revision tagged go1.22.3-3-openssl-fips.
* config: update openssl backend (#201)
- Update to version 1.22.3.2 cut from the go1.22-fips-release
branch at the revision tagged go1.22.3-2-openssl-fips.
* patches: restore signature of HashSign/HashVerify (#199)
- Update to version 1.22.3.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.3-1-openssl-fips.
* Update to go1.22.3
* fix: rename patch file
* Backport change https://go-review.googlesource.com/c/go/+/554615 to Go1.22 (#193)
runtime: crash asap and extend total sleep time for slow machine in test
Running with few threads usually does not need 500ms to crash, so let it
crash as soon as possible. While the test may cause more time on a slow
machine, try to expand the sleep time in the test.
* cmd/go: re-enable CGO for Go toolchain commands (#190)
* crypto/ecdsa: Restore HashSign and HashVerify (#189)
- go1.22.3 (released 2024-05-07) includes security fixes to the go
command and the net package, as well as bug fixes to the
compiler, the runtime, and the net/http package.
CVE-2024-24787 CVE-2024-24788:
* go#67122 go#67119 bsc#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin
* go#67040 go#66754 bsc#1224018 security: fix CVE-2024-24788 net: high cpu usage in extractExtendedRCode
* go#67018 cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le
* go#67017 cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE
* go#66886 runtime: deterministic fallback hashes across process boundary
* go#66698 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net@v0.23.0
- Update to version 1.22.2.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.2-1-openssl-fips.
* Update to go1.22.2
- go1.22.2 (released 2024-04-03) includes a security fix to the
net/http package, as well as bug fixes to the compiler, the go
command, the linker, and the encoding/gob, go/types, net/http,
and runtime/trace packages.
CVE-2023-45288:
* go#66298 go#65051 bsc#1221400 security: fix CVE-2023-45288 net/http, x/net/http2: close connections when receiving too many headers
* go#65858 cmd/compile: unreachable panic with GODEBUG=gotypesalias=1
* go#66060 cmd/link: RISC-V external link, failed to find text symbol for HI20 relocation
* go#66076 cmd/compile: out-of-bounds panic with uint32 conversion and modulus operation in Go 1.22.0 on arm64
* go#66134 cmd/compile: go test . results in CLOSURE ... <unknown line number>: internal compiler error: assertion failed
* go#66137 cmd/go: go 1.22.0: go test throws errors when processing folders not listed in coverpkg argument
* go#66178 cmd/compile: ICE: panic: interface conversion: ir.Node is *ir.ConvExpr, not *ir.IndexExpr
* go#66201 runtime/trace: v2 traces contain an incorrect timestamp scaling factor on Windows
* go#66255 net/http: http2 round tripper nil pointer dereference causes panic causing deadlock
* go#66256 cmd/go: git shallow fetches broken at CL 556358
* go#66273 crypto/x509: Certificate no longer encodable using encoding/gob in Go1.22
* go#66412 cmd/link: bad carrier sym for symbol runtime.elf_savegpr0.args_stackmap on ppc64le
- Update to version 1.22.1.2 cut from the go1.22-fips-release
branch at the revision tagged go1.22.1-2-openssl-fips.
* config: Update openssl v2 module (#178)
- Remove subpackage go1.x-openssl-libstd for compiled shared object
libstd.so.
* Continue to build experimental libstd only on go1.x Tumbleweed.
* Removal fixes build errors on go1.x-openssl Factory and ALP.
* Use of libstd.so is experimental and not recommended for
general use, Go currently has no ABI.
* Feature go build -buildmode=shared is deprecated by upstream,
but not yet removed.
- Initial package go1.22-openssl version 1.22.1.1 cut from the
go1.22-fips-release branch at the revision tagged
go1.22.1-1-openssl-fips.
* Go upstream merged branch dev.boringcrypto in go1.19+.
* In go1.x enable BoringCrypto via GOEXPERIMENT=boringcrypto.
* In go1.x-openssl enable FIPS mode (or boring mode as the
package is named) either via an environment variable
GOLANG_FIPS=1 or by virtue of booting the host in FIPS mode.
* When the operating system is operating in FIPS mode, Go
applications which import crypto/tls/fipsonly limit operations
to the FIPS ciphersuite.
* go1.x-openssl is delivered as two large patches to go1.x
applying necessary modifications from the golang-fips/go GitHub
project for the Go crypto library to use OpenSSL as the
external cryptographic library in a FIPS compliant way.
* go1.x-openssl modifies the crypto/* packages to use OpenSSL for
cryptographic operations.
* go1.x-openssl uses dlopen() to call into OpenSSL.
* SUSE RPM packaging introduces a fourth version digit go1.x.y.z
corresponding to the golang-fips/go patchset tagged revision.
* Patchset improvements can be updated independently of upstream
Go maintenance releases.
- go1.22.1 (released 2024-03-05) includes security fixes to the
crypto/x509, html/template, net/http, net/http/cookiejar, and
net/mail packages, as well as bug fixes to the compiler, the go
command, the runtime, the trace command, and the go/types and
net/http packages.
CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785:
* go#65831 go#65390 bsc#1220999 security: fix CVE-2024-24783 crypto/x509: Verify panics on certificates with an unknown public key algorithm
* go#65849 go#65083 bsc#1221002 security: fix CVE-2024-24784 net/mail: comments in display names are incorrectly handled
* go#65850 go#65383 bsc#1221001 security: fix CVE-2023-45290 net/http: memory exhaustion in Request.ParseMultipartForm
* go#65859 go#65065 bsc#1221000 security: fix CVE-2023-45289 net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
* go#65969 go#65697 bsc#1221003 security: fix CVE-2024-24785 html/template: errors returned from MarshalJSON methods may break template escaping
* go#65352 cmd/go: go generate fails silently when run on a package in a nested workspace module
* go#65471 internal/testenv: TestHasGoBuild failures on the LUCI noopt builders
* go#65474 internal/testenv: support LUCI mobile builders in testenv tests
* go#65577 cmd/trace/v2: goroutine analysis page doesn't identify goroutines consistently
* go#65618 cmd/compile: Go 1.22 build fails with 1.21 PGO profile on internal/saferio change
* go#65619 cmd/compile: Go 1.22 changes support for modules that declare go 1.0
* go#65641 cmd/cgo/internal/testsanitizers,x/build: LUCI clang15 builders failing
* go#65644 runtime: crash in race detector when execution tracer reads from CPU profile buffer
* go#65728 go/types: nil pointer dereference in Alias.Underlying()
* go#65759 net/http: context cancellation can leave HTTP client with deadlocked HTTP/1.1 connections in Go1.22
* go#65760 runtime: Go 1.22.0 fails to build from source on armv7 Alpine Linux
* go#65818 runtime: go1.22.0 test with -race will SIGSEGV or SIGBUS or Bad Pointer
* go#65852 cmd/go: 'missing ziphash' error with go.work
* go#65883 runtime: scheduler sometimes starves a runnable goroutine on wasm platforms
* bsc#1219988 ensure VERSION file is present in GOROOT
as required by go tool dist and go tool distpack
- go1.22 (released 2024-02-06) is a major release of Go.
go1.22.x minor releases will be provided through February 2024.
https://github.com/golang/go/wiki/Go-Release-Cycle
go1.22 arrives six months after go1.21. Most of its changes are
in the implementation of the toolchain, runtime, and libraries.
As always, the release maintains the Go 1 promise of
compatibility. We expect almost all Go programs to continue to
compile and run as before.
* Language change: go1.22 makes two changes to for loops.
Previously, the variables declared by a for loop were created
once and updated by each iteration. In go1.22, each iteration
of the loop creates new variables, to avoid accidental sharing
bugs. The transition support tooling described in the proposal
continues to work in the same way it did in Go 1.21.
* Language change: For loops may now range over integers
* Language change: go1.22 includes a preview of a language change
we are considering for a future version of Go:
range-over-function iterators. Building with
GOEXPERIMENT=rangefunc enables this feature.
* go command: Commands in workspaces can now use a vendor
directory containing the dependencies of the workspace. The
directory is created by go work vendor, and used by build
commands when the -mod flag is set to vendor, which is the
default when a workspace vendor directory is present. Note
that the vendor directory's contents for a workspace are
different from those of a single module: if the directory at
the root of a workspace also contains one of the modules in the
workspace, its vendor directory can contain the dependencies of
either the workspace or of the module, but not both.
* go get is no longer supported outside of a module in the legacy
GOPATH mode (that is, with GO111MODULE=off). Other build
commands, such as go build and go test, will continue to work
indefinitely for legacy GOPATH programs.
* go mod init no longer attempts to import module requirements
from configuration files for other vendoring tools (such as
Gopkg.lock).
* go test -cover now prints coverage summaries for covered
packages that do not have their own test files. Prior to Go
1.22 a go test -cover run for such a package would report: ?
mymod/mypack [no test files] and now with go1.22, functions in
the package are treated as uncovered: mymod/mypack coverage:
0.0% of statements. Note that if a package contains no
executable code at all, we can't report a meaningful coverage
percentage; for such packages the go tool will continue to
report that there are no test files.
* trace: The trace tool's web UI has been gently refreshed as
part of the work to support the new tracer, resolving several
issues and improving the readability of various sub-pages. The
web UI now supports exploring traces in a thread-oriented
view. The trace viewer also now displays the full duration of
all system calls. These improvements only apply for viewing
traces produced by programs built with go1.22 or newer. A
future release will bring some of these improvements to traces
produced by older version of Go.
* vet: References to loop variables: The behavior of the vet tool
has changed to match the new semantics (see above) of loop
variables in go1.22. When analyzing a file that requires go1.22
or newer (due to its go.mod file or a per-file build
constraint), vet no longer reports references to loop
variables from within a function literal that might outlive the
iteration of the loop. In Go 1.22, loop variables are created
anew for each iteration, so such references are no longer at
risk of using a variable after it has been updated by the loop.
* vet: New warnings for missing values after append: The vet tool
now reports calls to append that pass no values to be appended
to the slice, such as slice = append(slice). Such a statement
has no effect, and experience has shown that is nearly always a
mistake.
* vet: New warnings for deferring time.Since: The vet tool now
reports a non-deferred call to time.Since(t) within a defer
statement. This is equivalent to calling time.Now().Sub(t)
before the defer statement, not when the deferred function is
called. In nearly all cases, the correct code requires
deferring the time.Since call.
* vet: New warnings for mismatched key-value pairs in log/slog
calls: The vet tool now reports invalid arguments in calls to
functions and methods in the structured logging package,
log/slog, that accept alternating key/value pairs. It reports
calls where an argument in a key position is neither a string
nor a slog.Attr, and where a final key is missing its value.
* runtime: The runtime now keeps type-based garbage collection
metadata nearer to each heap object, improving the CPU
performance (latency or throughput) of Go programs by
1-3%. This change also reduces the memory overhead of the
majority of Go programs by approximately 1% by deduplicating
redundant metadata. Some programs may see a smaller improvement
because this change adjusts the size class boundaries of the
memory allocator, so some objects may be moved up a size class.
A consequence of this change is that some objects' addresses
that were previously always aligned to a 16 byte (or higher)
boundary will now only be aligned to an 8 byte boundary. Some
programs that use assembly instructions that require memory
addresses to be more than 8-byte aligned and rely on the memory
allocator's previous alignment behavior may break, but we
expect such programs to be rare. Such programs may be built
with GOEXPERIMENT=noallocheaders to revert to the old metadata
layout and restore the previous alignment behavior, but package
owners should update their assembly code to avoid the alignment
assumption, as this workaround will be removed in a future
release.
* runtime: On the windows/amd64 port, programs linking or loading
Go libraries built with -buildmode=c-archive or
-buildmode=c-shared can now use the SetUnhandledExceptionFilter
Win32 function to catch exceptions not handled by the Go
runtime. Note that this was already supported on the
windows/386 port.
* compiler: Profile-guided Optimization (PGO) builds can now
devirtualize a higher proportion of calls than previously
possible. Most programs from a representative set of Go
programs now see between 2 and 14% improvement from enabling
PGO.
* compiler: The compiler now interleaves devirtualization and
inlining, so interface method calls are better optimized.
* compiler: go1.22 also includes a preview of an enhanced
implementation of the compiler's inlining phase that uses
heuristics to boost inlinability at call sites deemed
'important' (for example, in loops) and discourage inlining at
call sites deemed 'unimportant' (for example, on panic
paths). Building with GOEXPERIMENT=newinliner enables the new
call-site heuristics; see issue #61502 for more info and to
provide feedback.
* linker: The linker's -s and -w flags now behave more
consistently across all platforms. The -w flag suppresses DWARF
debug information generation. The -s flag suppresses symbol
table generation. The -s flag also implies the -w flag, which
can be negated with -w=0. That is, -s -w=0 will generate a
binary with DWARF debug information generation but without the
symbol table.
* linker: On ELF platforms, the -B linker flag now accepts a
special form: with -B gobuildid, the linker will generate a GNU
build ID (the ELF NT_GNU_BUILD_ID note) derived from the Go
build ID.
* linker: On Windows, when building with -linkmode=internal, the
linker now preserves SEH information from C object files by
copying the .pdata and .xdata sections into the final
binary. This helps with debugging and profiling binaries using
native tools, such as WinDbg. Note that until now, C functions'
SEH exception handlers were not being honored, so this change
may cause some programs to behave differently.
-linkmode=external is not affected by this change, as external
linkers already preserve SEH information.
* bootstrap: As mentioned in the Go 1.20 release notes, go1.22
now requires the final point release of Go 1.20 or later for
bootstrap. We expect that Go 1.24 will require the final point
release of go1.22 or later for bootstrap.
* core library: New math/rand/v2 package: go1.22 includes the
first “v2” package in the standard library, math/rand/v2. The
changes compared to math/rand are detailed in proposal
go#61716. The most important changes are:
- The Read method, deprecated in math/rand, was not carried
forward for math/rand/v2. (It remains available in
math/rand.) The vast majority of calls to Read should use
crypto/rand’s Read instead. Otherwise a custom Read can be
constructed using the Uint64 method.
- The global generator accessed by top-level functions is
unconditionally randomly seeded. Because the API guarantees
no fixed sequence of results, optimizations like per-thread
random generator states are now possible.
- The Source interface now has a single Uint64 method; there is
no Source64 interface.
- Many methods now use faster algorithms that were not possible
to adopt in math/rand because they changed the output
streams.
- The Intn, Int31, Int31n, Int63, and Int64n top-level
functions and methods from math/rand are spelled more
idiomatically in math/rand/v2: IntN, Int32, Int32N, Int64,
and Int64N. There are also new top-level functions and
methods Uint32, Uint32N, Uint64, Uint64N, Uint, and UintN.
- The new generic function N is like Int64N or Uint64N but
works for any integer type. For example a random duration
from 0 up to 5 minutes is rand.N(5*time.Minute).
- The Mitchell & Reeds LFSR generator provided by math/rand’s
Source has been replaced by two more modern pseudo-random
generator sources: ChaCha8 and PCG. ChaCha8 is a new,
cryptographically strong random number generator roughly
similar to PCG in efficiency. ChaCha8 is the algorithm used
for the top-level functions in math/rand/v2. As of go1.22,
math/rand's top-level functions (when not explicitly seeded)
and the Go runtime also use ChaCha8 for randomness.
- We plan to include an API migration tool in a future release,
likely Go 1.23.
* core library: New go/version package: The new go/version
package implements functions for validating and comparing Go
version strings.
* core library: Enhanced routing patterns: HTTP routing in the
standard library is now more expressive. The patterns used by
net/http.ServeMux have been enhanced to accept methods and
wildcards. This change breaks backwards compatibility in small
ways, some obvious—patterns with '{' and '}' behave
differently—and some less so—treatment of escaped paths has
been improved. The change is controlled by a GODEBUG field
named httpmuxgo121. Set httpmuxgo121=1 to restore the old
behavior.
* Minor changes to the library: As always, there are various minor
changes and updates to the library, made with the Go 1 promise
of compatibility in mind. There are also various performance
improvements, not enumerated here.
* archive/tar: The new method Writer.AddFS adds all of the files
from an fs.FS to the archive.
* archive/zip: The new method Writer.AddFS adds all of the files
from an fs.FS to the archive.
* bufio: When a SplitFunc returns ErrFinalToken with a nil token,
Scanner will now stop immediately. Previously, it would report
a final empty token before stopping, which was usually not
desired. Callers that do want to report a final empty token can
do so by returning []byte{} rather than nil.
* cmp: The new function Or returns the first in a sequence of
values that is not the zero value.
* crypto/tls: ConnectionState.ExportKeyingMaterial will now
return an error unless TLS 1.3 is in use, or the
extended_master_secret extension is supported by both the
server and client. crypto/tls has supported this extension
since Go 1.20. This can be disabled with the tlsunsafeekm=1
GODEBUG setting.
* crypto/tls: By default, the minimum version offered by
crypto/tls servers is now TLS 1.2 if not specified with
config.MinimumVersion, matching the behavior of crypto/tls
clients. This change can be reverted with the tls10server=1
GODEBUG setting.
* crypto/tls: By default, cipher suites without ECDHE support are
no longer offered by either clients or servers during pre-TLS
1.3 handshakes. This change can be reverted with the
tlsrsakex=1 GODEBUG setting.
* crypto/x509: The new CertPool.AddCertWithConstraint method can
be used to add customized constraints to root certificates to
be applied during chain building.
* crypto/x509: On Android, root certificates will now be loaded
from /data/misc/keychain/certs-added as well as
/system/etc/security/cacerts.
* crypto/x509: A new type, OID, supports ASN.1 Object Identifiers
with individual components larger than 31 bits. A new field
which uses this type, Policies, is added to the Certificate
struct, and is now populated during parsing. Any OIDs which
cannot be represented using an asn1.ObjectIdentifier will appear
in Policies, but not in the old PolicyIdentifiers field. When
calling CreateCertificate, the Policies field is ignored, and
policies are taken from the PolicyIdentifiers field. Using the
x509usepolicies=1 GODEBUG setting inverts this, populating
certificate policies from the Policies field, and ignoring the
PolicyIdentifiers field. We may change the default value of
x509usepolicies in Go 1.23, making Policies the default field
for marshaling.
* database/sql: The new Null[T] type provides a way to scan
nullable columns for any column types.
* debug/elf: Constant R_MIPS_PC32 is defined for use with MIPS64
systems. Additional R_LARCH_* constants are defined for use
with LoongArch systems.
* encoding: The new methods AppendEncode and AppendDecode added
to each of the Encoding types in the packages encoding/base32,
encoding/base64, and encoding/hex simplify encoding and
decoding from and to byte slices by taking care of byte slice
buffer management.
* encoding: The methods base32.Encoding.WithPadding and
base64.Encoding.WithPadding now panic if the padding argument
is a negative value other than NoPadding.
* encoding/json: Marshaling and encoding functionality now
escapes '\b' and '\f' characters as \b and \f instead of \u0008
and \u000c.
* go/ast: The following declarations related to syntactic
identifier resolution are now deprecated: Ident.Obj, Object,
Scope, File.Scope, File.Unresolved, Importer, Package,
NewPackage. In general, identifiers cannot be accurately
resolved without type information. Consider, for example, the
identifier K in T{K: ''}: it could be the name of a local
variable if T is a map type, or the name of a field if T is a
struct type. New programs should use the go/types package to
resolve identifiers; see Object, Info.Uses, and Info.Defs for
details.
* go/ast: The new ast.Unparen function removes any enclosing
parentheses from an expression.
* go/types: The new Alias type represents type
aliases. Previously, type aliases were not represented
explicitly, so a reference to a type alias was equivalent to
spelling out the aliased type, and the name of the alias was
lost. The new representation retains the intermediate
Alias. This enables improved error reporting (the name of a
type alias can be reported), and allows for better handling of
cyclic type declarations involving type aliases. In a future
release, Alias types will also carry type parameter
information. The new function Unalias returns the actual type
denoted by an Alias type (or any other Type for that matter).
* go/types: Because Alias types may break existing type switches
that do not know to check for them, this functionality is
controlled by a GODEBUG field named gotypesalias. With
gotypesalias=0, everything behaves as before, and Alias types
are never created. With gotypesalias=1, Alias types are created
and clients must expect them. The default is gotypesalias=0. In
a future release, the default will be changed to
gotypesalias=1. Clients of go/types are urged to adjust their
code as soon as possible to work with gotypesalias=1 to
eliminate problems early.
* go/types: The Info struct now exports the FileVersions map
which provides per-file Go version information.
* go/types: The new helper method PkgNameOf returns the local
package name for the given import declaration.
* go/types: The implementation of SizesFor has been adjusted to
compute the same type sizes as the compiler when the compiler
argument for SizesFor is 'gc'. The default Sizes implementation
used by the type checker is now types.SizesFor('gc', 'amd64').
* go/types: The start position (Pos) of the lexical environment
block (Scope) that represents a function body has changed: it
used to start at the opening curly brace of the function body,
but now starts at the function's func token.
* html/template: Javascript template literals may now contain Go
template actions, and parsing a template containing one will no
longer return ErrJSTemplate. Similarly the GODEBUG setting
jstmpllitinterp no longer has any effect.
* io: The new SectionReader.Outer method returns the ReaderAt,
offset, and size passed to NewSectionReader.
* log/slog: The new SetLogLoggerLevel function controls the level
for the bridge between the `slog` and `log` packages. It sets
the minimum level for calls to the top-level `slog` logging
functions, and it sets the level for calls to `log.Logger` that
go through `slog`.
* math/big: The new method Rat.FloatPrec computes the number of
fractional decimal digits required to represent a rational
number accurately as a floating-point number, and whether
accurate decimal representation is possible in the first place.
* net: When io.Copy copies from a TCPConn to a UnixConn, it will
now use Linux's splice(2) system call if possible, using the
new method TCPConn.WriteTo.
* net: The Go DNS Resolver, used when building with
'-tags=netgo', now searches for a matching name in the Windows
hosts file, located at %SystemRoot%\System32\drivers\etc\hosts,
before making a DNS query.
* net/http: The new functions ServeFileFS, FileServerFS, and
NewFileTransportFS are versions of the existing ServeFile,
FileServer, and NewFileTransport, operating on an fs.FS.
* net/http: The HTTP server and client now reject requests and
responses containing an invalid empty Content-Length
header. The previous behavior may be restored by setting
GODEBUG field httplaxcontentlength=1.
* net/http: The new method Request.PathValue returns path
wildcard values from a request and the new method
Request.SetPathValue sets path wildcard values on a request.
* net/http/cgi: When executing a CGI process, the PATH_INFO
variable is now always set to the empty string or a value
starting with a / character, as required by RFC 3875. It was
previously possible for some combinations of Handler.Root and
request URL to violate this requirement.
* net/netip: The new AddrPort.Compare method compares two
AddrPorts.
* os: On Windows, the Stat function now follows all reparse
points that link to another named entity in the system. It was
previously only following IO_REPARSE_TAG_SYMLINK and
IO_REPARSE_TAG_MOUNT_POINT reparse points.
* os: On Windows, passing O_SYNC to OpenFile now causes write
operations to go directly to disk, equivalent to O_SYNC on Unix
platforms.
* os: On Windows, the ReadDir, File.ReadDir, File.Readdir, and
File.Readdirnames functions now read directory entries in
batches to reduce the number of system calls, improving
performance up to 30%.
* os: When io.Copy copies from a File to a net.UnixConn, it will
now use Linux's sendfile(2) system call if possible, using the
new method File.WriteTo.
* os/exec: On Windows, LookPath now ignores empty entries
in %PATH%, and returns ErrNotFound (instead of ErrNotExist)
if no executable file extension is found to resolve an
otherwise-unambiguous name.
* os/exec: On Windows, Command and Cmd.Start no longer call
LookPath if the path to the executable is already absolute and
has an executable file extension. In addition, Cmd.Start no
longer writes the resolved extension back to the Path field, so
it is now safe to call the String method concurrently with a
call to Start.
* reflect: The Value.IsZero method will now return true for a
floating-point or complex negative zero, and will return true
for a struct value if a blank field (a field named _) somehow
has a non-zero value. These changes make IsZero consistent with
comparing a value to zero using the language == operator.
* reflect: The PtrTo function is deprecated, in favor of
PointerTo.
* reflect: The new function TypeFor returns the Type that
represents the type argument T. Previously, to get the
reflect.Type value for a type, one had to use
reflect.TypeOf((*T)(nil)).Elem(). This may now be written as
reflect.TypeFor[T]().
* runtime/metrics: Four new histogram metrics
/sched/pauses/stopping/gc:seconds,
/sched/pauses/stopping/other:seconds,
/sched/pauses/total/gc:seconds, and
/sched/pauses/total/other:seconds provide additional details
about stop-the-world pauses. The 'stopping' metrics report the
time taken from deciding to stop the world until all goroutines
are stopped. The 'total' metrics report the time taken from
deciding to stop the world until it is started again.
* runtime/metrics: The /gc/pauses:seconds metric is deprecated,
as it is equivalent to the new /sched/pauses/total/gc:seconds
metric.
* runtime/metrics: /sync/mutex/wait/total:seconds now includes
contention on runtime-internal locks in addition to sync.Mutex
and sync.RWMutex.
* runtime/pprof: Mutex profiles now scale contention by the
number of goroutines blocked on the mutex. This provides a more
accurate representation of the degree to which a mutex is a
bottleneck in a Go program. For instance, if 100 goroutines are
blocked on a mutex for 10 milliseconds, a mutex profile will
now record 1 second of delay instead of 10 milliseconds of
delay.
* runtime/pprof: Mutex profiles also now include contention on
runtime-internal locks in addition to sync.Mutex and
sync.RWMutex. Contention on runtime-internal locks is always
reported at runtime._LostContendedRuntimeLock. A future release
will add complete stack traces in these cases.
* runtime/pprof: CPU profiles on Darwin platforms now contain the
process's memory map, enabling the disassembly view in the
pprof tool.
* runtime/trace: The execution tracer has been completely
overhauled in this release, resolving several long-standing
issues and paving the way for new use-cases for execution
traces.
* runtime/trace: Execution traces now use the operating system's
clock on most platforms (Windows excluded) so it is possible to
correlate them with traces produced by lower-level
components. Execution traces no longer depend on the
reliability of the platform's clock to produce a correct
trace. Execution traces are now partitioned regularly
on-the-fly and as a result may be processed in a streamable
way. Execution traces now contain complete durations for all
system calls. Execution traces now contain information about
the operating system threads that goroutines executed on. The
latency impact of starting and stopping execution traces has
been dramatically reduced. Execution traces may now begin or
end during the garbage collection mark phase.
* runtime/trace: To allow Go developers to take advantage of
these improvements, an experimental trace reading package is
available at golang.org/x/exp/trace. Note that this package
only works on traces produced by programs built with go1.22 at
the moment. Please try out the package and provide feedback on
the corresponding proposal issue.
* runtime/trace: If you experience any issues with the new
execution tracer implementation, you may switch back to the old
implementation by building your Go program with
GOEXPERIMENT=noexectracer2. If you do, please file an issue,
otherwise this option will be removed in a future release.
* slices: The new function Concat concatenates multiple slices.
* slices: Functions that shrink the size of a slice (Delete,
DeleteFunc, Compact, CompactFunc, and Replace) now zero the
elements between the new length and the old length.
* slices: Insert now always panics if the argument i is out of
range. Previously it did not panic in this situation if there
were no elements to be inserted.
* syscall: The syscall package has been frozen since Go 1.4 and
was marked as deprecated in Go 1.11, causing many editors to
warn about any use of the package. However, some non-deprecated
functionality requires use of the syscall package, such as the
os/exec.Cmd.SysProcAttr field. To avoid unnecessary complaints
on such code, the syscall package is no longer marked as
deprecated. The package remains frozen to most new
functionality, and new code remains encouraged to use
golang.org/x/sys/unix or golang.org/x/sys/windows where
possible.
* syscall: On Linux, the new SysProcAttr.PidFD field allows
obtaining a PID FD when starting a child process via
StartProcess or os/exec.
* syscall: On Windows, passing O_SYNC to Open now causes write
operations to go directly to disk, equivalent to O_SYNC on Unix
platforms.
* testing/slogtest: The new Run function uses sub-tests to run
test cases, providing finer-grained control.
* Ports: Darwin: On macOS on 64-bit x86 architecture (the
darwin/amd64 port), the Go toolchain now generates
position-independent executables (PIE) by default. Non-PIE
binaries can be generated by specifying the -buildmode=exe
build flag. On 64-bit ARM-based macOS (the darwin/arm64 port),
the Go toolchain already generates PIE by default. go1.22 is
the last release that will run on macOS 10.15 Catalina. Go 1.23
will require macOS 11 Big Sur or later.
* Ports: Arm: The GOARM environment variable now allows you to
select whether to use software or hardware floating
point. Previously, valid GOARM values were 5, 6, or 7. Now
those same values can be optionally followed by ,softfloat or
,hardfloat to select the floating-point implementation. This
new option defaults to softfloat for version 5 and hardfloat
for versions 6 and 7.
* Ports: Loong64: The loong64 port now supports passing function
arguments and results using registers. The linux/loong64 port
now supports the address sanitizer, memory sanitizer, new-style
linker relocations, and the plugin build mode.
* Ports: OpenBSD: go1.22 adds an experimental port to OpenBSD on
big-endian 64-bit PowerPC (openbsd/ppc64).
Patchnames: SUSE-2024-3772,SUSE-SLE-Module-Development-Tools-15-SP5-2024-3772,openSUSE-SLE-15.5-2024-3772
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
24 products
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
important
6.4 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
References
62 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.22-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.22-openssl fixes the following issues:\n\nThis update ships go1.22-openssl 1.22.7.1 (jsc#SLE-18320)\n\n- Update to version 1.22.7.1 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.7-1-openssl-fips.\n\n * Update to Go 1.22.7 (#229)\n\n- go1.22.7 (released 2024-09-05) includes security fixes to the\n encoding/gob, go/build/constraint, and go/parser packages, as\n well as bug fixes to the fix command and the runtime.\n\n CVE-2024-34155 CVE-2024-34156 CVE-2024-34158:\n - go#69142 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions (CVE-2024-34155)\n - go#69144 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode (CVE-2024-34156)\n - go#69148 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse (CVE-2024-34158)\n - go#68811 os: TestChtimes failures\n - go#68825 cmd/fix: fails to run on modules whose go directive value is in \u00271.n.m\u0027 format introduced in Go 1.21.0\n - go#68972 cmd/cgo: aix c-archive corrupting stack\n\n- go1.22.6 (released 2024-08-06) includes fixes to the go command,\n the compiler, the linker, the trace command, the covdata command,\n and the bytes, go/types, and os/exec packages.\n\n * go#68594 cmd/compile: internal compiler error with zero-size types\n * go#68546 cmd/trace/v2: pprof profiles always empty\n * go#68492 cmd/covdata: too many open files due to defer f.Close() in for loop\n * go#68475 bytes: IndexByte can return -4294967295 when memory usage is above 2^31 on js/wasm\n * go#68370 go/types: assertion failure in recent range statement checking logic\n * go#68331 os/exec: modifications to Path ignored when *Cmd is created using Command with an absolute path on Windows\n * go#68230 cmd/compile: inconsistent integer arithmetic result on Go 1.22+arm64 with/without -race\n * go#68222 cmd/go: list with -export and -covermode=atomic fails to build\n 
* go#68198 cmd/link: issues with Xcode 16 beta\n\n- Update to version 1.22.5.3 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.5-3-openssl-fips.\n\n * Only load openssl if fips == \u00271\u0027\n Avoid loading openssl whenever GOLANG_FIPS is not 1.\n Previously only an unset variable would cause the library load\n to be skipped, but users may also expect to be able to set eg.\n GOLANG_FIPS=0 in environments without openssl.\n\n- Update to version 1.22.5.2 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.5-2-openssl-fips.\n\n * Only load OpenSSL when in FIPS mode\n\n- Update to version 1.22.5.1 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.5-1-openssl-fips.\n\n * Update to go1.22.5\n\n- go1.22.5 (released 2024-07-02) includes security fixes to the\n net/http package, as well as bug fixes to the compiler, cgo, the\n go command, the linker, the runtime, and the crypto/tls,\n go/types, net, net/http, and os/exec packages.\n\n CVE-2024-24791:\n * go#68200 go#67555 bsc#1227314 security: fix CVE CVE-2024-24791 net/http: expect: 100-continue handling is broken in various ways\n * go#65983 cmd/compile: hash of unhashable type\n * go#65994 crypto/tls: segfault when calling tlsrsakex.IncNonDefault()\n * go#66598 os/exec: calling Cmd.Start after setting Cmd.Path manually to absolute path without \u0027.exe\u0027 no longer implicitly adds \u0027.exe\u0027 in Go 1.22\n * go#67298 runtime: \u0027fatal: morestack on g0\u0027 on amd64 after upgrade to Go 1.21, stale bounds\n * go#67715 cmd/cgo/internal/swig,cmd/go,x/build: swig cgo tests incompatible with C++ toolchain on builders\n * go#67798 cmd/compile: internal compiler error: unexpected type: \u003cnil\u003e (\u003cnil\u003e) in for-range\n * go#67820 cmd/compile: package-level variable initialization with constant dependencies doesn\u0027t match order specified in Go spec\n * go#67850 go/internal/gccgoimporter: go building failing with gcc 14.1.0\n * 
go#67934 net: go DNS resolver fails to connect to local DNS server\n * go#67945 cmd/link: using -fuzz with test that links with cgo on darwin causes linker failure\n * go#68052 cmd/go: go list -u -m all fails loading module retractions: module requires go \u003e= 1.N+1 (running go 1.N)\n * go#68122 cmd/link: runtime.mach_vm_region_trampoline: unsupported dynamic relocation for symbol libc_mach_task_self_ (type=29 (R_GOTPCREL) stype=46 (SDYNIMPORT))\n\n- Update to version 1.22.4.1 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.4-1-openssl-fips.\n\n * Update to go1.22.4\n\n- go1.22.4 (released 2024-06-04) includes security fixes to the\n archive/zip and net/netip packages, as well as bug fixes to the\n compiler, the go command, the linker, the runtime, and the os\n package.\n\n CVE-2024-24789 CVE-2024-24790:\n * go#67554 go#66869 bsc#1225973 security: fix CVE-2024-24789 archive/zip: EOCDR comment length handling is inconsistent with other ZIP implementations\n * go#67682 go#67680 bsc#1225974 security: fix CVE-2024-24790 net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses\n * go#67188 runtime/metrics: /memory/classes/heap/unused:bytes spikes\n * go#67212 cmd/compile: SIGBUS unaligned access on mips64 via qemu-mips64\n * go#67236 cmd/go: mod tidy reports toolchain not available with \u0027go 1.21\u0027\n * go#67258 runtime: unexpected fault address 0\n * go#67311 cmd/go: TestScript/gotoolchain_issue66175 fails on tip locally\n * go#67314 cmd/go,cmd/link: TestScript/build_issue48319 and TestScript/build_plugin_reproducible failing on LUCI gotip-darwin-amd64-longtest builder due to non-reproducible LC_UUID\n * go#67352 crypto/x509: TestPlatformVerifier failures on Windows due to broken connections\n * go#67460 cmd/compile: internal compiler error: panic with range over integer value\n * go#67527 cmd/link: panic: machorelocsect: size mismatch\n * go#67650 runtime: SIGSEGV after performing clone(CLONE_PARENT) via C 
constructor prior to runtime start\n * go#67696 os: RemoveAll susceptible to symlink race\n\n- Update to version 1.22.3.3 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.3-3-openssl-fips.\n\n * config: update openssl backend (#201)\n\n- Update to version 1.22.3.2 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.3-2-openssl-fips.\n\n * patches: restore signature of HashSign/HashVerify (#199)\n\n- Update to version 1.22.3.1 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.3-1-openssl-fips.\n\n * Update to go1.22.3\n * fix: rename patch file\n * Backport change https://go-review.googlesource.com/c/go/+/554615 to Go1.22 (#193)\n runtime: crash asap and extend total sleep time for slow machine in test\n Running with few threads usually does not need 500ms to crash, so let it\n crash as soon as possible. While the test may caused more time on slow\n machine, try to expand the sleep time in test.\n * cmd/go: re-enable CGO for Go toolchain commands (#190)\n * crypto/ecdsa: Restore HashSign and HashVerify (#189)\n\n- go1.22.3 (released 2024-05-07) includes security fixes to the go\n command and the net package, as well as bug fixes to the\n compiler, the runtime, and the net/http package.\n\n CVE-2024-24787 CVE-2024-24788:\n * go#67122 go#67119 bsc#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin\n * go#67040 go#66754 bsc#1224018 security: fix CVE-2024-24788 net: high cpu usage in extractExtendedRCode\n * go#67018 cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le\n * go#67017 cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE\n * go#66886 runtime: deterministic fallback hashes across process boundary\n * go#66698 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net@v0.23.0\n\n- Update to version 1.22.2.1 cut from the go1.22-fips-release\n branch at the revision tagged 
go1.22.2-1-openssl-fips.\n\n * Update to go1.22.2\n\n- go1.22.2 (released 2024-04-03) includes a security fix to the\n net/http package, as well as bug fixes to the compiler, the go\n command, the linker, and the encoding/gob, go/types, net/http,\n and runtime/trace packages.\n\n CVE-2023-45288:\n * go#66298 go#65051 bsc#1221400 security: fix CVE-2023-45288 net/http, x/net/http2: close connections when receiving too many headers\n * go#65858 cmd/compile: unreachable panic with GODEBUG=gotypesalias=1\n * go#66060 cmd/link: RISC-V external link, failed to find text symbol for HI20 relocation\n * go#66076 cmd/compile: out-of-bounds panic with uint32 conversion and modulus operation in Go 1.22.0 on arm64\n * go#66134 cmd/compile: go test . results in CLOSURE ... \u003cunknown line number\u003e: internal compiler error: assertion failed\n * go#66137 cmd/go: go 1.22.0: go test throws errors when processing folders not listed in coverpkg argument\n * go#66178 cmd/compile: ICE: panic: interface conversion: ir.Node is *ir.ConvExpr, not *ir.IndexExpr\n * go#66201 runtime/trace: v2 traces contain an incorrect timestamp scaling factor on Windows\n * go#66255 net/http: http2 round tripper nil pointer dereference causes panic causing deadlock\n * go#66256 cmd/go: git shallow fetches broken at CL 556358\n * go#66273 crypto/x509: Certificate no longer encodable using encoding/gob in Go1.22\n * go#66412 cmd/link: bad carrier sym for symbol runtime.elf_savegpr0.args_stackmap on ppc64le\n\n- Update to version 1.22.1.2 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.1-2-openssl-fips.\n\n * config: Update openssl v2 module (#178)\n\n- Remove subpackage go1.x-openssl-libstd for compiled shared object\n libstd.so.\n\n * Continue to build experimental libstd only on go1.x Tumbleweed.\n * Removal fixes build errors on go1.x-openssl Factory and ALP.\n * Use of libstd.so is experimental and not recommended for\n general use, Go currently has no ABI.\n * Feature go 
build -buildmode=shared is deprecated by upstream,\n but not yet removed.\n\n- Initial package go1.22-openssl version 1.22.1.1 cut from the\n go1.22-fips-release branch at the revision tagged\n go1.22.1-1-openssl-fips.\n\n * Go upstream merged branch dev.boringcrypto in go1.19+.\n * In go1.x enable BoringCrypto via GOEXPERIMENT=boringcrypto.\n * In go1.x-openssl enable FIPS mode (or boring mode as the\n package is named) either via an environment variable\n GOLANG_FIPS=1 or by virtue of booting the host in FIPS mode.\n * When the operating system is operating in FIPS mode, Go\n applications which import crypto/tls/fipsonly limit operations\n to the FIPS ciphersuite.\n * go1.x-openssl is delivered as two large patches to go1.x\n applying necessary modifications from the golang-fips/go GitHub\n project for the Go crypto library to use OpenSSL as the\n external cryptographic library in a FIPS compliant way.\n * go1.x-openssl modifies the crypto/* packages to use OpenSSL for\n cryptographic operations.\n * go1.x-openssl uses dlopen() to call into OpenSSL.\n * SUSE RPM packaging introduces a fourth version digit go1.x.y.z\n corresponding to the golang-fips/go patchset tagged revision.\n * Patchset improvements can be updated independently of upstream\n Go maintenance releases.\n\n- go1.22.1 (released 2024-03-05) includes security fixes to the\n crypto/x509, html/template, net/http, net/http/cookiejar, and\n net/mail packages, as well as bug fixes to the compiler, the go\n command, the runtime, the trace command, and the go/types and\n net/http packages.\n\n CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785:\n * go#65831 go#65390 bsc#1220999 security: fix CVE-2024-24783 crypto/x509: Verify panics on certificates with an unknown public key algorithm\n * go#65849 go#65083 bsc#1221002 security: fix CVE-2024-24784 net/mail: comments in display names are incorrectly handled\n * go#65850 go#65383 bsc#1221001 security: fix CVE-2023-45290 net/http: 
memory exhaustion in Request.ParseMultipartForm\n * go#65859 go#65065 bsc#1221000 security: fix CVE-2023-45289 net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect\n * go#65969 go#65697 bsc#1221003 security: fix CVE-2024-24785 html/template: errors returned from MarshalJSON methods may break template escaping\n * go#65352 cmd/go: go generate fails silently when run on a package in a nested workspace module\n * go#65471 internal/testenv: TestHasGoBuild failures on the LUCI noopt builders\n * go#65474 internal/testenv: support LUCI mobile builders in testenv tests\n * go#65577 cmd/trace/v2: goroutine analysis page doesn\u0027t identify goroutines consistently\n * go#65618 cmd/compile: Go 1.22 build fails with 1.21 PGO profile on internal/saferio change\n * go#65619 cmd/compile: Go 1.22 changes support for modules that declare go 1.0\n * go#65641 cmd/cgo/internal/testsanitizers,x/build: LUCI clang15 builders failing\n * go#65644 runtime: crash in race detector when execution tracer reads from CPU profile buffer\n * go#65728 go/types: nil pointer dereference in Alias.Underlying()\n * go#65759 net/http: context cancellation can leave HTTP client with deadlocked HTTP/1.1 connections in Go1.22\n * go#65760 runtime: Go 1.22.0 fails to build from source on armv7 Alpine Linux\n * go#65818 runtime: go1.22.0 test with -race will SIGSEGV or SIGBUS or Bad Pointer\n * go#65852 cmd/go: \u0027missing ziphash\u0027 error with go.work\n * go#65883 runtime: scheduler sometimes starves a runnable goroutine on wasm platforms\n\n * bsc#1219988 ensure VERSION file is present in GOROOT\n as required by go tool dist and go tool distpack\n\n- go1.22 (released 2024-02-06) is a major release of Go.\n go1.22.x minor releases will be provided through February 2024.\n https://github.com/golang/go/wiki/Go-Release-Cycle\n go1.22 arrives six months after go1.21. 
Most of its changes are\n in the implementation of the toolchain, runtime, and libraries.\n As always, the release maintains the Go 1 promise of\n compatibility. We expect almost all Go programs to continue to\n compile and run as before.\n\n * Language change: go1.22 makes two changes to for loops.\n Previously, the variables declared by a for loop were created\n once and updated by each iteration. In go1.22, each iteration\n of the loop creates new variables, to avoid accidental sharing\n bugs. The transition support tooling described in the proposal\n continues to work in the same way it did in Go 1.21.\n * Language change: For loops may now range over integers\n * Language change: go1.22 includes a preview of a language change\n we are considering for a future version of Go:\n range-over-function iterators. Building with\n GOEXPERIMENT=rangefunc enables this feature.\n * go command: Commands in workspaces can now use a vendor\n directory containing the dependencies of the workspace. The\n directory is created by go work vendor, and used by build\n commands when the -mod flag is set to vendor, which is the\n default when a workspace vendor directory is present. Note\n that the vendor directory\u0027s contents for a workspace are\n different from those of a single module: if the directory at\n the root of a workspace also contains one of the modules in the\n workspace, its vendor directory can contain the dependencies of\n either the workspace or of the module, but not both.\n * go get is no longer supported outside of a module in the legacy\n GOPATH mode (that is, with GO111MODULE=off). Other build\n commands, such as go build and go test, will continue to work\n indefinitely for legacy GOPATH programs.\n * go mod init no longer attempts to import module requirements\n from configuration files for other vendoring tools (such as\n Gopkg.lock).\n * go test -cover now prints coverage summaries for covered\n packages that do not have their own test files. 
Prior to Go\n 1.22 a go test -cover run for such a package would report: ?\n mymod/mypack [no test files] and now with go1.22, functions in\n the package are treated as uncovered: mymod/mypack coverage:\n 0.0% of statements Note that if a package contains no\n executable code at all, we can\u0027t report a meaningful coverage\n percentage; for such packages the go tool will continue to\n report that there are no test files.\n * trace: The trace tool\u0027s web UI has been gently refreshed as\n part of the work to support the new tracer, resolving several\n issues and improving the readability of various sub-pages. The\n web UI now supports exploring traces in a thread-oriented\n view. The trace viewer also now displays the full duration of\n all system calls. These improvements only apply for viewing\n traces produced by programs built with go1.22 or newer. A\n future release will bring some of these improvements to traces\n produced by older version of Go.\n * vet: References to loop variables The behavior of the vet tool\n has changed to match the new semantics (see above) of loop\n variables in go1.22. When analyzing a file that requires go1.22\n or newer (due to its go.mod file or a per-file build\n constraint), vetcode\u003e no longer reports references to loop\n variables from within a function literal that might outlive the\n iteration of the loop. In Go 1.22, loop variables are created\n anew for each iteration, so such references are no longer at\n risk of using a variable after it has been updated by the loop.\n * vet: New warnings for missing values after append The vet tool\n now reports calls to append that pass no values to be appended\n to the slice, such as slice = append(slice). Such a statement\n has no effect, and experience has shown that is nearly always a\n mistake.\n * vet: New warnings for deferring time.Since The vet tool now\n reports a non-deferred call to time.Since(t) within a defer\n statement. 
This is equivalent to calling time.Now().Sub(t)\n before the defer statement, not when the deferred function is\n called. In nearly all cases, the correct code requires\n deferring the time.Since call.\n * vet: New warnings for mismatched key-value pairs in log/slog\n calls The vet tool now reports invalid arguments in calls to\n functions and methods in the structured logging package,\n log/slog, that accept alternating key/value pairs. It reports\n calls where an argument in a key position is neither a string\n nor a slog.Attr, and where a final key is missing its value.\n * runtime: The runtime now keeps type-based garbage collection\n metadata nearer to each heap object, improving the CPU\n performance (latency or throughput) of Go programs by\n 1-3%. This change also reduces the memory overhead of the\n majority Go programs by approximately 1% by deduplicating\n redundant metadata. Some programs may see a smaller improvement\n because this change adjusts the size class boundaries of the\n memory allocator, so some objects may be moved up a size class.\n A consequence of this change is that some objects\u0027 addresses\n that were previously always aligned to a 16 byte (or higher)\n boundary will now only be aligned to an 8 byte boundary. Some\n programs that use assembly instructions that require memory\n addresses to be more than 8-byte aligned and rely on the memory\n allocator\u0027s previous alignment behavior may break, but we\n expect such programs to be rare. 
Such programs may be built\n with GOEXPERIMENT=noallocheaders to revert to the old metadata\n layout and restore the previous alignment behavior, but package\n owners should update their assembly code to avoid the alignment\n assumption, as this workaround will be removed in a future\n release.\n * runtime: On the windows/amd64 port, programs linking or loading\n Go libraries built with -buildmode=c-archive or\n -buildmode=c-shared can now use the SetUnhandledExceptionFilter\n Win32 function to catch exceptions not handled by the Go\n runtime. Note that this was already supported on the\n windows/386 port.\n * compiler: Profile-guided Optimization (PGO) builds can now\n devirtualize a higher proportion of calls than previously\n possible. Most programs from a representative set of Go\n programs now see between 2 and 14% improvement from enabling\n PGO.\n * compiler: The compiler now interleaves devirtualization and\n inlining, so interface method calls are better optimized.\n * compiler: go1.22 also includes a preview of an enhanced\n implementation of the compiler\u0027s inlining phase that uses\n heuristics to boost inlinability at call sites deemed\n \u0027important\u0027 (for example, in loops) and discourage inlining at\n call sites deemed \u0027unimportant\u0027 (for example, on panic\n paths). Building with GOEXPERIMENT=newinliner enables the new\n call-site heuristics; see issue #61502 for more info and to\n provide feedback.\n * linker: The linker\u0027s -s and -w flags are now behave more\n consistently across all platforms. The -w flag suppresses DWARF\n debug information generation. The -s flag suppresses symbol\n table generation. The -s flag also implies the -w flag, which\n can be negated with -w=0. 
That is, -s -w=0 will generate a\n binary with DWARF debug information generation but without the\n symbol table.\n * linker: On ELF platforms, the -B linker flag now accepts a\n special form: with -B gobuildid, the linker will generate a GNU\n build ID (the ELF NT_GNU_BUILD_ID note) derived from the Go\n build ID.\n * linker: On Windows, when building with -linkmode=internal, the\n linker now preserves SEH information from C object files by\n copying the .pdata and .xdata sections into the final\n binary. This helps with debugging and profiling binaries using\n native tools, such as WinDbg. Note that until now, C functions\u0027\n SEH exception handlers were not being honored, so this change\n may cause some programs to behave differently.\n -linkmode=external is not affected by this change, as external\n linkers already preserve SEH information.\n * bootstrap: As mentioned in the Go 1.20 release notes, go1.22\n now requires the final point release of Go 1.20 or later for\n bootstrap. We expect that Go 1.24 will require the final point\n release of go1.22 or later for bootstrap.\n * core library: New math/rand/v2 package: go1.22 includes the\n first \u201cv2\u201d package in the standard library, math/rand/v2. The\n changes compared to math/rand are detailed in proposal\n go#61716. The most important changes are:\n - The Read method, deprecated in math/rand, was not carried\n forward for math/rand/v2. (It remains available in\n math/rand.) The vast majority of calls to Read should use\n crypto/rand\u2019s Read instead. Otherwise a custom Read can be\n constructed using the Uint64 method.\n - The global generator accessed by top-level functions is\n unconditionally randomly seeded. 
Because the API guarantees\n no fixed sequence of results, optimizations like per-thread\n random generator states are now possible.\n - The Source interface now has a single Uint64 method; there is\n no Source64 interface.\n - Many methods now use faster algorithms that were not possible\n to adopt in math/rand because they changed the output\n streams.\n - The Intn, Int31, Int31n, Int63, and Int64n top-level\n functions and methods from math/rand are spelled more\n idiomatically in math/rand/v2: IntN, Int32, Int32N, Int64,\n and Int64N. There are also new top-level functions and\n methods Uint32, Uint32N, Uint64, Uint64N, Uint, and UintN.\n - The new generic function N is like Int64N or Uint64N but\n works for any integer type. For example a random duration\n from 0 up to 5 minutes is rand.N(5*time.Minute).\n - The Mitchell \u0026 Reeds LFSR generator provided by math/rand\u2019s\n Source has been replaced by two more modern pseudo-random\n generator sources: ChaCha8 PCG. ChaCha8 is a new,\n cryptographically strong random number generator roughly\n similar to PCG in efficiency. ChaCha8 is the algorithm used\n for the top-level functions in math/rand/v2. As of go1.22,\n math/rand\u0027s top-level functions (when not explicitly seeded)\n and the Go runtime also use ChaCha8 for randomness.\n - We plan to include an API migration tool in a future release,\n likely Go 1.23.\n * core library: New go/version package: The new go/version\n package implements functions for validating and comparing Go\n version strings.\n * core library: Enhanced routing patterns: HTTP routing in the\n standard library is now more expressive. The patterns used by\n net/http.ServeMux have been enhanced to accept methods and\n wildcards. This change breaks backwards compatibility in small\n ways, some obvious\u2014patterns with \u0027{\u0027 and \u0027}\u0027 behave\n differently\u2014 and some less so\u2014treatment of escaped paths has\n been improved. 
The change is controlled by a GODEBUG field\n named httpmuxgo121. Set httpmuxgo121=1 to restore the old\n behavior.\n * Minor changes to the library As always, there are various minor\n changes and updates to the library, made with the Go 1 promise\n of compatibility in mind. There are also various performance\n improvements, not enumerated here.\n * archive/tar: The new method Writer.AddFS adds all of the files\n from an fs.FS to the archive.\n * archive/zip: The new method Writer.AddFS adds all of the files\n from an fs.FS to the archive.\n * bufio: When a SplitFunc returns ErrFinalToken with a nil token,\n Scanner will now stop immediately. Previously, it would report\n a final empty token before stopping, which was usually not\n desired. Callers that do want to report a final empty token can\n do so by returning []byte{} rather than nil.\n * cmp: The new function Or returns the first in a sequence of\n values that is not the zero value.\n * crypto/tls: ConnectionState.ExportKeyingMaterial will now\n return an error unless TLS 1.3 is in use, or the\n extended_master_secret extension is supported by both the\n server and client. crypto/tls has supported this extension\n since Go 1.20. This can be disabled with the tlsunsafeekm=1\n GODEBUG setting.\n * crypto/tls: By default, the minimum version offered by\n crypto/tls servers is now TLS 1.2 if not specified with\n config.MinimumVersion, matching the behavior of crypto/tls\n clients. This change can be reverted with the tls10server=1\n GODEBUG setting.\n * crypto/tls: By default, cipher suites without ECDHE support are\n no longer offered by either clients or servers during pre-TLS\n 1.3 handshakes. 
This change can be reverted with the\n tlsrsakex=1 GODEBUG setting.\n * crypto/x509: The new CertPool.AddCertWithConstraint method can\n be used to add customized constraints to root certificates to\n be applied during chain building.\n * crypto/x509: On Android, root certificates will now be loaded\n from /data/misc/keychain/certs-added as well as\n /system/etc/security/cacerts.\n * crypto/x509: A new type, OID, supports ASN.1 Object Identifiers\n with individual components larger than 31 bits. A new field\n which uses this type, Policies, is added to the Certificate\n struct, and is now populated during parsing. Any OIDs which\n cannot be represented using a asn1.ObjectIdentifier will appear\n in Policies, but not in the old PolicyIdentifiers field. When\n calling CreateCertificate, the Policies field is ignored, and\n policies are taken from the PolicyIdentifiers field. Using the\n x509usepolicies=1 GODEBUG setting inverts this, populating\n certificate policies from the Policies field, and ignoring the\n PolicyIdentifiers field. We may change the default value of\n x509usepolicies in Go 1.23, making Policies the default field\n for marshaling.\n * database/sql: The new Null[T] type provide a way to scan\n nullable columns for any column types.\n * debug/elf: Constant R_MIPS_PC32 is defined for use with MIPS64\n systems. 
Additional R_LARCH_* constants are defined for use\n with LoongArch systems.\n * encoding: The new methods AppendEncode and AppendDecode added\n to each of the Encoding types in the packages encoding/base32,\n encoding/base64, and encoding/hex simplify encoding and\n decoding from and to byte slices by taking care of byte slice\n buffer management.\n * encoding: The methods base32.Encoding.WithPadding and\n base64.Encoding.WithPadding now panic if the padding argument\n is a negative value other than NoPadding.\n * encoding/json: Marshaling and encoding functionality now\n escapes \u0027\\b\u0027 and \u0027\\f\u0027 characters as \\b and \\f instead of \\u0008\n and \\u000c.\n * go/ast: The following declarations related to syntactic\n identifier resolution are now deprecated: Ident.Obj, Object,\n Scope, File.Scope, File.Unresolved, Importer, Package,\n NewPackage. In general, identifiers cannot be accurately\n resolved without type information. Consider, for example, the\n identifier K in T{K: \u0027\u0027}: it could be the name of a local\n variable if T is a map type, or the name of a field if T is a\n struct type. New programs should use the go/types package to\n resolve identifiers; see Object, Info.Uses, and Info.Defs for\n details.\n * go/ast: The new ast.Unparen function removes any enclosing\n parentheses from an expression.\n * go/types: The new Alias type represents type\n aliases. Previously, type aliases were not represented\n explicitly, so a reference to a type alias was equivalent to\n spelling out the aliased type, and the name of the alias was\n lost. The new representation retains the intermediate\n Alias. This enables improved error reporting (the name of a\n type alias can be reported), and allows for better handling of\n cyclic type declarations involving type aliases. In a future\n release, Alias types will also carry type parameter\n information. 
The new function Unalias returns the actual type\n denoted by an Alias type (or any other Type for that matter).\n * go/types: Because Alias types may break existing type switches\n that do not know to check for them, this functionality is\n controlled by a GODEBUG field named gotypesalias. With\n gotypesalias=0, everything behaves as before, and Alias types\n are never created. With gotypesalias=1, Alias types are created\n and clients must expect them. The default is gotypesalias=0. In\n a future release, the default will be changed to\n gotypesalias=1. Clients of go/types are urged to adjust their\n code as soon as possible to work with gotypesalias=1 to\n eliminate problems early.\n * go/types: The Info struct now exports the FileVersions map\n which provides per-file Go version information.\n * go/types: The new helper method PkgNameOf returns the local\n package name for the given import declaration.\n * go/types: The implementation of SizesFor has been adjusted to\n compute the same type sizes as the compiler when the compiler\n argument for SizesFor is \u0027gc\u0027. The default Sizes implementation\n used by the type checker is now types.SizesFor(\u0027gc\u0027, \u0027amd64\u0027).\n * go/types: The start position (Pos) of the lexical environment\n block (Scope) that represents a function body has changed: it\n used to start at the opening curly brace of the function body,\n but now starts at the function\u0027s func token.\n * html/template: Javascript template literals may now contain Go\n template actions, and parsing a template containing one will no\n longer return ErrJSTemplate. Similarly the GODEBUG setting\n jstmpllitinterp no longer has any effect.\n * io: The new SectionReader.Outer method returns the ReaderAt,\n offset, and size passed to NewSectionReader.\n * log/slog: The new SetLogLoggerLevel function controls the level\n for the bridge between the `slog` and `log` packages. 
It sets\n the minimum level for calls to the top-level `slog` logging\n functions, and it sets the level for calls to `log.Logger` that\n go through `slog`.\n * math/big: The new method Rat.FloatPrec computes the number of\n fractional decimal digits required to represent a rational\n number accurately as a floating-point number, and whether\n accurate decimal representation is possible in the first place.\n * net: When io.Copy copies from a TCPConn to a UnixConn, it will\n now use Linux\u0027s splice(2) system call if possible, using the\n new method TCPConn.WriteTo.\n * net: The Go DNS Resolver, used when building with\n \u0027-tags=netgo\u0027, now searches for a matching name in the Windows\n hosts file, located at %SystemRoot%\\System32\\drivers\\etc\\hosts,\n before making a DNS query.\n * net/http: The new functions ServeFileFS, FileServerFS, and\n NewFileTransportFS are versions of the existing ServeFile,\n FileServer, and NewFileTransport, operating on an fs.FS.\n * net/http: The HTTP server and client now reject requests and\n responses containing an invalid empty Content-Length\n header. The previous behavior may be restored by setting\n GODEBUG field httplaxcontentlength=1.\n * net/http: The new method Request.PathValue returns path\n wildcard values from a request and the new method\n Request.SetPathValue sets path wildcard values on a request.\n * net/http/cgi: When executing a CGI process, the PATH_INFO\n variable is now always set to the empty string or a value\n starting with a / character, as required by RFC 3875. It was\n previously possible for some combinations of Handler.Root and\n request URL to violate this requirement.\n * net/netip: The new AddrPort.Compare method compares two\n AddrPorts.\n * os: On Windows, the Stat function now follows all reparse\n points that link to another named entity in the system. 
It was\n previously only following IO_REPARSE_TAG_SYMLINK and\n IO_REPARSE_TAG_MOUNT_POINT reparse points.\n * os: On Windows, passing O_SYNC to OpenFile now causes write\n operations to go directly to disk, equivalent to O_SYNC on Unix\n platforms.\n * os: On Windows, the ReadDir, File.ReadDir, File.Readdir, and\n File.Readdirnames functions now read directory entries in\n batches to reduce the number of system calls, improving\n performance up to 30%.\n * os: When io.Copy copies from a File to a net.UnixConn, it will\n now use Linux\u0027s sendfile(2) system call if possible, using the\n new method File.WriteTo.\n * os/exec: On Windows, LookPath now ignores empty entries\n in %PATH%, and returns ErrNotFound (instead of ErrNotExist)\n if no executable file extension is found to resolve an\n otherwise-unambiguous name.\n * os/exec: On Windows, Command and Cmd.Start no longer call\n LookPath if the path to the executable is already absolute and\n has an executable file extension. In addition, Cmd.Start no\n longer writes the resolved extension back to the Path field, so\n it is now safe to call the String method concurrently with a\n call to Start.\n * reflect: The Value.IsZero method will now return true for a\n floating-point or complex negative zero, and will return true\n for a struct value if a blank field (a field named _) somehow\n has a non-zero value. These changes make IsZero consistent with\n comparing a value to zero using the language == operator.\n * reflect: The PtrTo function is deprecated, in favor of\n PointerTo.\n * reflect: The new function TypeFor returns the Type that\n represents the type argument T. Previously, to get the\n reflect.Type value for a type, one had to use\n reflect.TypeOf((*T)(nil)).Elem(). 
This may now be written as\n reflect.TypeFor[T]().\n * runtime/metrics: Four new histogram metrics\n /sched/pauses/stopping/gc:seconds,\n /sched/pauses/stopping/other:seconds,\n /sched/pauses/total/gc:seconds, and\n /sched/pauses/total/other:seconds provide additional details\n about stop-the-world pauses. The \u0027stopping\u0027 metrics report the\n time taken from deciding to stop the world until all goroutines\n are stopped. The \u0027total\u0027 metrics report the time taken from\n deciding to stop the world until it is started again.\n * runtime/metrics: The /gc/pauses:seconds metric is deprecated,\n as it is equivalent to the new /sched/pauses/total/gc:seconds\n metric.\n * runtime/metrics: /sync/mutex/wait/total:seconds now includes\n contention on runtime-internal locks in addition to sync.Mutex\n and sync.RWMutex.\n * runtime/pprof: Mutex profiles now scale contention by the\n number of goroutines blocked on the mutex. This provides a more\n accurate representation of the degree to which a mutex is a\n bottleneck in a Go program. For instance, if 100 goroutines are\n blocked on a mutex for 10 milliseconds, a mutex profile will\n now record 1 second of delay instead of 10 milliseconds of\n delay.\n * runtime/pprof: Mutex profiles also now include contention on\n runtime-internal locks in addition to sync.Mutex and\n sync.RWMutex. Contention on runtime-internal locks is always\n reported at runtime._LostContendedRuntimeLock. 
A future release\n will add complete stack traces in these cases.\n * runtime/pprof: CPU profiles on Darwin platforms now contain the\n process\u0027s memory map, enabling the disassembly view in the\n pprof tool.\n * runtime/trace: The execution tracer has been completely\n overhauled in this release, resolving several long-standing\n issues and paving the way for new use-cases for execution\n traces.\n * runtime/trace: Execution traces now use the operating system\u0027s\n clock on most platforms (Windows excluded) so it is possible to\n correlate them with traces produced by lower-level\n components. Execution traces no longer depend on the\n reliability of the platform\u0027s clock to produce a correct\n trace. Execution traces are now partitioned regularly\n on-the-fly and as a result may be processed in a streamable\n way. Execution traces now contain complete durations for all\n system calls. Execution traces now contain information about\n the operating system threads that goroutines executed on. The\n latency impact of starting and stopping execution traces has\n been dramatically reduced. Execution traces may now begin or\n end during the garbage collection mark phase.\n * runtime/trace: To allow Go developers to take advantage of\n these improvements, an experimental trace reading package is\n available at golang.org/x/exp/trace. Note that this package\n only works on traces produced by programs built with go1.22 at\n the moment. Please try out the package and provide feedback on\n the corresponding proposal issue.\n * runtime/trace: If you experience any issues with the new\n execution tracer implementation, you may switch back to the old\n implementation by building your Go program with\n GOEXPERIMENT=noexectracer2. 
If you do, please file an issue,\n otherwise this option will be removed in a future release.\n * slices: The new function Concat concatenates multiple slices.\n * slices: Functions that shrink the size of a slice (Delete,\n DeleteFunc, Compact, CompactFunc, and Replace) now zero the\n elements between the new length and the old length.\n * slices: Insert now always panics if the argument i is out of\n range. Previously it did not panic in this situation if there\n were no elements to be inserted.\n * syscall: The syscall package has been frozen since Go 1.4 and\n was marked as deprecated in Go 1.11, causing many editors to\n warn about any use of the package. However, some non-deprecated\n functionality requires use of the syscall package, such as the\n os/exec.Cmd.SysProcAttr field. To avoid unnecessary complaints\n on such code, the syscall package is no longer marked as\n deprecated. The package remains frozen to most new\n functionality, and new code remains encouraged to use\n golang.org/x/sys/unix or golang.org/x/sys/windows where\n possible.\n * syscall: On Linux, the new SysProcAttr.PidFD field allows\n obtaining a PID FD when starting a child process via\n StartProcess or os/exec.\n * syscall: On Windows, passing O_SYNC to Open now causes write\n operations to go directly to disk, equivalent to O_SYNC on Unix\n platforms.\n * testing/slogtest: The new Run function uses sub-tests to run\n test cases, providing finer-grained control.\n * Ports: Darwin: On macOS on 64-bit x86 architecture (the\n darwin/amd64 port), the Go toolchain now generates\n position-independent executables (PIE) by default. Non-PIE\n binaries can be generated by specifying the -buildmode=exe\n build flag. On 64-bit ARM-based macOS (the darwin/arm64 port),\n the Go toolchain already generates PIE by default. go1.22 is\n the last release that will run on macOS 10.15 Catalina. 
Go 1.23\n will require macOS 11 Big Sur or later.\n * Ports: Arm: The GOARM environment variable now allows you to\n select whether to use software or hardware floating\n point. Previously, valid GOARM values were 5, 6, or 7. Now\n those same values can be optionally followed by ,softfloat or\n ,hardfloat to select the floating-point implementation. This\n new option defaults to softfloat for version 5 and hardfloat\n for versions 6 and 7.\n * Ports: Loong64: The loong64 port now supports passing function\n arguments and results using registers. The linux/loong64 port\n now supports the address sanitizer, memory sanitizer, new-style\n linker relocations, and the plugin build mode.\n * OpenBSD go1.22 adds an experimental port to OpenBSD on\n big-endian 64-bit PowerPC (openbsd/ppc64).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3772,SUSE-SLE-Module-Development-Tools-15-SP5-2024-3772,openSUSE-SLE-15.5-2024-3772",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3772-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3772-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243772-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3772-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019688.html"
},
{
"category": "self",
"summary": "SUSE Bug 1218424",
"url": "https://bugzilla.suse.com/1218424"
},
{
"category": "self",
"summary": "SUSE Bug 1219988",
"url": "https://bugzilla.suse.com/1219988"
},
{
"category": "self",
"summary": "SUSE Bug 1220999",
"url": "https://bugzilla.suse.com/1220999"
},
{
"category": "self",
"summary": "SUSE Bug 1221000",
"url": "https://bugzilla.suse.com/1221000"
},
{
"category": "self",
"summary": "SUSE Bug 1221001",
"url": "https://bugzilla.suse.com/1221001"
},
{
"category": "self",
"summary": "SUSE Bug 1221002",
"url": "https://bugzilla.suse.com/1221002"
},
{
"category": "self",
"summary": "SUSE Bug 1221003",
"url": "https://bugzilla.suse.com/1221003"
},
{
"category": "self",
"summary": "SUSE Bug 1221400",
"url": "https://bugzilla.suse.com/1221400"
},
{
"category": "self",
"summary": "SUSE Bug 1224017",
"url": "https://bugzilla.suse.com/1224017"
},
{
"category": "self",
"summary": "SUSE Bug 1224018",
"url": "https://bugzilla.suse.com/1224018"
},
{
"category": "self",
"summary": "SUSE Bug 1225973",
"url": "https://bugzilla.suse.com/1225973"
},
{
"category": "self",
"summary": "SUSE Bug 1225974",
"url": "https://bugzilla.suse.com/1225974"
},
{
"category": "self",
"summary": "SUSE Bug 1227314",
"url": "https://bugzilla.suse.com/1227314"
},
{
"category": "self",
"summary": "SUSE Bug 1230252",
"url": "https://bugzilla.suse.com/1230252"
},
{
"category": "self",
"summary": "SUSE Bug 1230253",
"url": "https://bugzilla.suse.com/1230253"
},
{
"category": "self",
"summary": "SUSE Bug 1230254",
"url": "https://bugzilla.suse.com/1230254"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45289 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45290 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24783 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24784 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24785 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24787 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24789 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34155 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34156 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34158 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34158/"
}
],
"title": "Security update for go1.22-openssl",
"tracking": {
"current_release_date": "2024-10-29T13:54:03Z",
"generator": {
"date": "2024-10-29T13:54:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3772-1",
"initial_release_date": "2024-10-29T13:54:03Z",
"revision_history": [
{
"date": "2024-10-29T13:54:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"product": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"product_id": "go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"product_id": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"product": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"product_id": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.i586",
"product": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.i586",
"product_id": "go1.22-openssl-1.22.7.1-150000.1.3.1.i586"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.i586",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.i586",
"product_id": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"product": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"product_id": "go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"product_id": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"product": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"product_id": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"product": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"product_id": "go1.22-openssl-1.22.7.1-150000.1.3.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"product_id": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"product": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"product_id": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"product": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"product_id": "go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"product_id": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"product": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"product_id": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64"
},
"product_reference": "go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x"
},
"product_reference": "go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64"
},
"product_reference": "go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64"
},
"product_reference": "go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x"
},
"product_reference": "go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64"
},
"product_reference": "go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-45289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45289"
}
],
"notes": [
{
"category": "general",
"text": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45289",
"url": "https://www.suse.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "SUSE Bug 1221000 for CVE-2023-45289",
"url": "https://bugzilla.suse.com/1221000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "important"
}
],
"title": "CVE-2023-45289"
},
{
"cve": "CVE-2023-45290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45290"
}
],
"notes": [
{
"category": "general",
"text": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45290",
"url": "https://www.suse.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "SUSE Bug 1221001 for CVE-2023-45290",
"url": "https://bugzilla.suse.com/1221001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "important"
}
],
"title": "CVE-2023-45290"
},
{
"cve": "CVE-2024-24783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24783"
}
],
"notes": [
{
"category": "general",
"text": "Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24783",
"url": "https://www.suse.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "SUSE Bug 1220999 for CVE-2024-24783",
"url": "https://bugzilla.suse.com/1220999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "important"
}
],
"title": "CVE-2024-24783"
},
{
"cve": "CVE-2024-24784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24784"
}
],
"notes": [
{
"category": "general",
"text": "The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24784",
"url": "https://www.suse.com/security/cve/CVE-2024-24784"
},
{
"category": "external",
"summary": "SUSE Bug 1221002 for CVE-2024-24784",
"url": "https://bugzilla.suse.com/1221002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "important"
}
],
"title": "CVE-2024-24784"
},
{
"cve": "CVE-2024-24785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24785"
}
],
"notes": [
{
"category": "general",
"text": "If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24785",
"url": "https://www.suse.com/security/cve/CVE-2024-24785"
},
{
"category": "external",
"summary": "SUSE Bug 1221003 for CVE-2024-24785",
"url": "https://bugzilla.suse.com/1221003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "important"
}
],
"title": "CVE-2024-24785"
},
{
"cve": "CVE-2024-24787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24787"
}
],
"notes": [
{
"category": "general",
"text": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24787",
"url": "https://www.suse.com/security/cve/CVE-2024-24787"
},
{
"category": "external",
"summary": "SUSE Bug 1224017 for CVE-2024-24787",
"url": "https://bugzilla.suse.com/1224017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-24787"
},
{
"cve": "CVE-2024-24788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24788"
}
],
"notes": [
{
"category": "general",
"text": "A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24788",
"url": "https://www.suse.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "SUSE Bug 1224018 for CVE-2024-24788",
"url": "https://bugzilla.suse.com/1224018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-24788"
},
{
"cve": "CVE-2024-24789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24789"
}
],
"notes": [
{
"category": "general",
"text": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create a zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24789",
"url": "https://www.suse.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "SUSE Bug 1225973 for CVE-2024-24789",
"url": "https://bugzilla.suse.com/1225973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-24789"
},
{
"cve": "CVE-2024-24790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24790"
}
],
"notes": [
{
"category": "general",
"text": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24790",
"url": "https://www.suse.com/security/cve/CVE-2024-24790"
},
{
"category": "external",
"summary": "SUSE Bug 1225974 for CVE-2024-24790",
"url": "https://bugzilla.suse.com/1225974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-24790"
},
{
"cve": "CVE-2024-24791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24791"
}
],
"notes": [
{
"category": "general",
"text": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24791",
"url": "https://www.suse.com/security/cve/CVE-2024-24791"
},
{
"category": "external",
"summary": "SUSE Bug 1227314 for CVE-2024-24791",
"url": "https://bugzilla.suse.com/1227314"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-24791"
},
{
"cve": "CVE-2024-34155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34155"
}
],
"notes": [
{
"category": "general",
"text": "Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34155",
"url": "https://www.suse.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "SUSE Bug 1230252 for CVE-2024-34155",
"url": "https://bugzilla.suse.com/1230252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-34155"
},
{
"cve": "CVE-2024-34156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34156"
}
],
"notes": [
{
"category": "general",
"text": "Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34156",
"url": "https://www.suse.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "SUSE Bug 1230253 for CVE-2024-34156",
"url": "https://bugzilla.suse.com/1230253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-34156"
},
{
"cve": "CVE-2024-34158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34158"
}
],
"notes": [
{
"category": "general",
"text": "Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34158",
"url": "https://www.suse.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "SUSE Bug 1230254 for CVE-2024-34158",
"url": "https://bugzilla.suse.com/1230254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-doc-1.22.7.1-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.22-openssl-race-1.22.7.1-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-34158"
}
]
}
SUSE-SU-2024:3773-1
Vulnerability from csaf_suse - Published: 2024-10-29 13:54 - Updated: 2024-10-29 13:54
Summary
Security update for go1.23-openssl
Severity
Important
Notes
Title of the patch: Security update for go1.23-openssl
Description of the patch: This update for go1.23-openssl fixes the following issues:
This update ships go1.23-openssl version 1.23.2.2. (jsc#SLE-18320)
- go1.23.2 (released 2024-10-01) includes fixes to the compiler,
cgo, the runtime, and the maps, os, os/exec, time, and unique
packages.
* go#69119 os: double close pidfd if caller uses pidfd updated by os.StartProcess
* go#69156 maps: segmentation violation in maps.Clone
* go#69219 cmd/cgo: alignment issue with int128 inside of a struct
* go#69240 unique: fatal error: found pointer to free object
* go#69333 runtime,time: timer.Stop returns false even when no value is read from the channel
* go#69383 unique: large string still referenced, after interning only a small substring
* go#69402 os/exec: resource leak on exec failure
* go#69511 cmd/compile: mysterious crashes and non-determinism with range over func
- Update to version 1.23.1.1 cut from the go1.23-fips-release
branch at the revision tagged go1.23.1-1-openssl-fips.
* Update to Go 1.23.1 (#238)
- go1.23.1 (released 2024-09-05) includes security fixes to the
encoding/gob, go/build/constraint, and go/parser packages, as
well as bug fixes to the compiler, the go command, the runtime,
and the database/sql, go/types, os, runtime/trace, and unique
packages.
CVE-2024-34155 CVE-2024-34156 CVE-2024-34158:
- go#69143 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions
- go#69145 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode
- go#69149 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse
- go#68812 os: TestChtimes failures
- go#68894 go/types: 'under' panics on Alias type
- go#68905 cmd/compile: error in Go 1.23.0 with generics, type aliases and indexing
- go#68907 os: CopyFS overwrites existing file in destination.
- go#68973 cmd/cgo: aix c-archive corrupting stack
- go#68992 unique: panic when calling unique.Make with string casted as any
- go#68994 cmd/go: any invocation creates read-only telemetry configuration file under GOMODCACHE
- go#68995 cmd/go: multi-arch build via qemu fails to exec go binary
- go#69041 database/sql: panic in database/sql.(*connRequestSet).deleteIndex
- go#69087 runtime/trace: crash during traceAdvance when collecting call stack for cgo-calling goroutine
- go#69094 cmd/go: breaking change in 1.23rc2 with version constraints in GOPATH mode
- go1.23 (released 2024-08-13) is a major release of Go.
go1.23.x minor releases will be provided through August 2025.
https://github.com/golang/go/wiki/Go-Release-Cycle
go1.23 arrives six months after go1.22. Most of its changes are
in the implementation of the toolchain, runtime, and libraries.
As always, the release maintains the Go 1 promise of
compatibility. We expect almost all Go programs to continue to
compile and run as before.
* Language change: Go 1.23 makes the (Go 1.22) 'range-over-func'
experiment a part of the language. The 'range' clause in a
'for-range' loop now accepts iterator functions of the
following types:
func(func() bool)
func(func(K) bool)
func(func(K, V) bool)
as range expressions. Calls of the iterator argument function
produce the iteration values for the 'for-range' loop. For
details see the iter package documentation and the language
spec. For motivation see the 2022 'range-over-func' discussion.
* Language change: Go 1.23 includes preview support for generic
type aliases. Building the toolchain with
GOEXPERIMENT=aliastypeparams enables this feature within a
package. (Using generic alias types across package boundaries
is not yet supported.)
* Opt-in Telemetry: Starting in Go 1.23, the Go toolchain can
collect usage and breakage statistics that help the Go team
understand how the Go toolchain is used and how well it is
working. We refer to these statistics as Go telemetry.
Go telemetry is an opt-in system, controlled by the go
telemetry command. By default, the toolchain programs collect
statistics in counter files that can be inspected locally but
are otherwise unused (go telemetry local).
To help us keep Go working well and understand Go usage, please
consider opting in to Go telemetry by running go telemetry
on. In that mode, anonymous counter reports are uploaded to
telemetry.go.dev weekly, where they are aggregated into graphs
and also made available for download by any Go contributors or
users wanting to analyze the data. See 'Go Telemetry' for more
details about the Go Telemetry system.
* go command: Setting the GOROOT_FINAL environment variable no
longer has an effect (#62047). Distributions that install the
go command to a location other than $GOROOT/bin/go should
install a symlink instead of relocating or copying the go
binary.
* go command: The new go env -changed flag causes the command to
print only those settings whose effective value differs from
the default value that would be obtained in an empty
environment with no prior uses of the -w flag.
* go command: The new go mod tidy -diff flag causes the command
not to modify the files but instead print the necessary changes
as a unified diff. It exits with a non-zero code if updates are
needed.
* go command: The go list -m -json command now includes new Sum
and GoModSum fields. This is similar to the existing behavior
of the go mod download -json command.
* go command: The new godebug directive in go.mod and go.work
declares a GODEBUG setting to apply for the work module or
workspace in use.
* go vet: The go vet subcommand now includes the stdversion
analyzer, which flags references to symbols that are too new
for the version of Go in effect in the referring file. (The
effective version is determined by the go directive in the
file's enclosing go.mod file, and by any //go:build constraints
in the file.)
For example, it will report a diagnostic for a reference to the
reflect.TypeFor function (introduced in go1.22) from a file in
a module whose go.mod file specifies go 1.21.
* cgo: cmd/cgo supports the new -ldflags flag for passing flags
to the C linker. The go command uses it automatically, avoiding
'argument list too long' errors with a very large CGO_LDFLAGS.
* go trace: The trace tool now better tolerates partially broken
traces by attempting to recover what trace data it can. This
functionality is particularly helpful when viewing a trace that
was collected during a program crash, since the trace data
leading up to the crash will now be recoverable under most
circumstances.
* Runtime: The traceback printed by the runtime after an
unhandled panic or other fatal error now indents the second and
subsequent lines of the error message (for example, the
argument to panic) by a single tab, so that it can be
unambiguously distinguished from the stack trace of the first
goroutine. See go#64590 for discussion.
* Compiler: The build time overhead to building with Profile
Guided Optimization has been reduced significantly. Previously,
large builds could see 100%+ build time increase from enabling
PGO. In Go 1.23, overhead should be in the single digit
percentages.
* Compiler: The compiler in Go 1.23 can now overlap the stack
frame slots of local variables accessed in disjoint regions of
a function, which reduces stack usage for Go applications.
* Compiler: For 386 and amd64, the compiler will use information
from PGO to align certain hot blocks in loops. This improves
performance an additional 1-1.5% at a cost of an additional
0.1% text and binary size. This is currently only implemented
on 386 and amd64 because it has not shown an improvement on
other platforms. Hot block alignment can be disabled with
-gcflags=[<packages>=]-d=alignhot=0.
* Linker: The linker now disallows using a //go:linkname
directive to refer to internal symbols in the standard library
(including the runtime) that are not marked with //go:linkname
on their definitions. Similarly, the linker disallows
references to such symbols from assembly code. For backward
compatibility, existing usages of //go:linkname found in a
large open-source code corpus remain supported. Any new
references to standard library internal symbols will be
disallowed.
* Linker: A linker command line flag -checklinkname=0 can be used
to disable this check, for debugging and experimenting
purposes.
* Linker: When building a dynamically linked ELF binary
(including PIE binary), the new -bindnow flag enables immediate
function binding.
* Standard library changes:
* timer: 1.23 makes two significant changes to the implementation
of time.Timer and time.Ticker.
First, Timers and Tickers that are no longer referred to by the
program become eligible for garbage collection immediately,
even if their Stop methods have not been called. Earlier
versions of Go did not collect unstopped Timers until after
they had fired and never collected unstopped Tickers.
Second, the timer channel associated with a Timer or Ticker is
now unbuffered, with capacity 0. The main effect of this change
is that Go now guarantees that for any call to a Reset or Stop
method, no stale values prepared before that call will be sent
or received after the call. Earlier versions of Go used
channels with a one-element buffer, making it difficult to use
Reset and Stop correctly. A visible effect of this change is
that len and cap of timer channels now return 0 instead of 1,
which may affect programs that poll the length to decide
whether a receive on the timer channel will succeed. Such code
should use a non-blocking receive instead.
These new behaviors are only enabled when the main Go program
is in a module with a go.mod go line using Go 1.23.0 or
later. When Go 1.23 builds older programs, the old behaviors
remain in effect. The new GODEBUG setting asynctimerchan=1 can
be used to revert back to asynchronous channel behaviors even
when a program names Go 1.23.0 or later in its go.mod file.
* unique: The new unique package provides facilities for
canonicalizing values (like 'interning' or 'hash-consing').
Any value of comparable type may be canonicalized with the new
Make[T] function, which produces a reference to a canonical
copy of the value in the form of a Handle[T]. Two Handle[T] are
equal if and only if the values used to produce the handles are
equal, allowing programs to deduplicate values and reduce their
memory footprint. Comparing two Handle[T] values is efficient,
reducing down to a simple pointer comparison.
* iter: The new iter package provides the basic definitions for
working with user-defined iterators.
* slices: The slices package adds several functions that work
with iterators:
- All returns an iterator over slice indexes and values.
- Values returns an iterator over slice elements.
- Backward returns an iterator that loops over a slice backward.
- Collect collects values from an iterator into a new slice.
- AppendSeq appends values from an iterator to an existing slice.
- Sorted collects values from an iterator into a new slice, and then sorts the slice.
- SortedFunc is like Sorted but with a comparison function.
- SortedStableFunc is like SortFunc but uses a stable sort algorithm.
- Chunk returns an iterator over consecutive sub-slices of up to n elements of a slice.
* maps: The maps package adds several functions that work with
iterators:
- All returns an iterator over key-value pairs from a map.
- Keys returns an iterator over keys in a map.
- Values returns an iterator over values in a map.
- Insert adds the key-value pairs from an iterator to an existing map.
- Collect collects key-value pairs from an iterator into a new map and returns it.
* structs: The new structs package provides types for struct
fields that modify properties of the containing struct type
such as memory layout.
In this release, the only such type is HostLayout which
indicates that a structure with a field of that type has a
layout that conforms to host platform expectations.
* Minor changes to the standard library: As always, there are
various minor changes and updates to the library, made with the
Go 1 promise of compatibility in mind.
* archive/tar: If the argument to FileInfoHeader implements the
new FileInfoNames interface, then the interface methods will be
used to set the Uname/Gname of the file header. This allows
applications to override the system-dependent Uname/Gname
lookup.
* crypto/tls: The TLS client now supports the Encrypted Client
Hello draft specification. This feature can be enabled by
setting the Config.EncryptedClientHelloConfigList field to an
encoded ECHConfigList for the host that is being connected to.
* crypto/tls: The QUICConn type used by QUIC implementations
includes new events reporting on the state of session
resumption, and provides a way for the QUIC layer to add data
to session tickets and session cache entries.
* crypto/tls: 3DES cipher suites were removed from the default
list used when Config.CipherSuites is nil. The default can be
reverted by adding tls3des=1 to the GODEBUG environment
variable.
* crypto/tls: The experimental post-quantum key exchange
mechanism X25519Kyber768Draft00 is now enabled by default when
Config.CurvePreferences is nil. The default can be reverted by
adding tlskyber=0 to the GODEBUG environment variable.
* crypto/tls: Go 1.23 changed the behavior of X509KeyPair and
LoadX509KeyPair to populate the Certificate.Leaf field of the
returned Certificate. The new x509keypairleaf GODEBUG setting
is added for this behavior.
* crypto/x509: CreateCertificateRequest now correctly supports
RSA-PSS signature algorithms.
* crypto/x509: CreateCertificateRequest and CreateRevocationList
now verify the generated signature using the signer's public
key. If the signature is invalid, an error is returned. This
has been the behavior of CreateCertificate since Go 1.16.
* crypto/x509: The x509sha1 GODEBUG setting will be removed in
the next Go major release (Go 1.24). This will mean that
crypto/x509 will no longer support verifying signatures on
certificates that use SHA-1 based signature algorithms.
* crypto/x509: The new ParseOID function parses a dot-encoded
ASN.1 Object Identifier string. The OID type now implements the
encoding.BinaryMarshaler, encoding.BinaryUnmarshaler,
encoding.TextMarshaler, encoding.TextUnmarshaler interfaces.
* database/sql: Errors returned by driver.Valuer implementations
are now wrapped for improved error handling during operations
like DB.Query, DB.Exec, and DB.QueryRow.
* debug/elf: The debug/elf package now defines
PT_OPENBSD_NOBTCFI. This ProgType is used to disable Branch
Tracking Control Flow Integrity (BTCFI) enforcement on OpenBSD
binaries.
* debug/elf: Now defines the symbol type constants STT_RELC,
STT_SRELC, and STT_GNU_IFUNC.
* encoding/binary: The new Encode and Decode functions are byte
slice equivalents to Read and Write. Append allows marshaling
multiple data into the same byte slice.
* go/ast: The new Preorder function returns a convenient iterator
over all the nodes of a syntax tree.
* go/types: The Func type, which represents a function or method
symbol, now has a Func.Signature method that returns the
function's type, which is always a Signature.
* go/types: The Alias type now has an Rhs method that returns the
type on the right-hand side of its declaration: given type A =
B, the Rhs of A is B. (go#66559)
* go/types: The methods Alias.Origin, Alias.SetTypeParams,
Alias.TypeParams, and Alias.TypeArgs have been added. They are
needed for generic alias types.
* go/types: By default, go/types now produces Alias type nodes
for type aliases. This behavior can be controlled by the
GODEBUG gotypesalias flag. Its default has changed from 0 in Go
1.22 to 1 in Go 1.23.
* math/rand/v2: The Uint function and Rand.Uint method have been
added. They were inadvertently left out of Go 1.22.
* math/rand/v2: The new ChaCha8.Read method implements the
io.Reader interface.
* net: The new type KeepAliveConfig permits fine-tuning the
keep-alive options for TCP connections, via a new
TCPConn.SetKeepAliveConfig method and new KeepAliveConfig
fields for Dialer and ListenConfig.
* net: The DNSError type now wraps errors caused by timeouts or
cancellation. For example, errors.Is(someDNSErr,
context.DeadlineExceeded) will now report whether a DNS error
was caused by a timeout.
* net: The new GODEBUG setting netedns0=0 disables sending EDNS0
additional headers on DNS requests, as they reportedly break
the DNS server on some modems.
* net/http: Cookie now preserves double quotes surrounding a
cookie value. The new Cookie.Quoted field indicates whether the
Cookie.Value was originally quoted.
* net/http: The new Request.CookiesNamed method retrieves all
cookies that match the given name.
* net/http: The new Cookie.Partitioned field identifies cookies
with the Partitioned attribute.
* net/http: The patterns used by ServeMux now allow one or more
spaces or tabs after the method name. Previously, only a single
space was permitted.
* net/http: The new ParseCookie function parses a Cookie header
value and returns all the cookies which were set in it. Since
the same cookie name can appear multiple times the returned
Values can contain more than one value for a given key.
* net/http: The new ParseSetCookie function parses a Set-Cookie
header value and returns a cookie. It returns an error on
syntax error.
* net/http: ServeContent, ServeFile, and ServeFileFS now remove
the Cache-Control, Content-Encoding, Etag, and Last-Modified
headers when serving an error. These headers usually apply to
the non-error content, but not to the text of errors.
* net/http: Middleware which wraps a ResponseWriter and applies
on-the-fly encoding, such as Content-Encoding: gzip, will not
function after this change. The previous behavior of
ServeContent, ServeFile, and ServeFileFS may be restored by
setting GODEBUG=httpservecontentkeepheaders=1.
Note that middleware which changes the size of the served
content (such as by compressing it) already does not function
properly when ServeContent handles a Range request. On-the-fly
compression should use the Transfer-Encoding header instead of
Content-Encoding.
* net/http: For inbound requests, the new Request.Pattern field
contains the ServeMux pattern (if any) that matched the
request. This field is not set when GODEBUG=httpmuxgo121=1 is
set.
* net/http/httptest: The new NewRequestWithContext method creates
an incoming request with a context.Context.
* net/netip: In Go 1.22 and earlier, using reflect.DeepEqual to
compare an Addr holding an IPv4 address to one holding the
IPv4-mapped IPv6 form of that address incorrectly returned
true, even though the Addr values were different when comparing
with == or Addr.Compare. This bug is now fixed and all three
approaches now report the same result.
* os: The Stat function now sets the ModeSocket bit for files
that are Unix sockets on Windows. These files are identified by
having a reparse tag set to IO_REPARSE_TAG_AF_UNIX.
* os: On Windows, the mode bits reported by Lstat and Stat for
reparse points changed. Mount points no longer have ModeSymlink
set, and reparse points that are not symlinks, Unix sockets, or
dedup files now always have ModeIrregular set. This behavior is
controlled by the winsymlink setting. For Go 1.23, it defaults
to winsymlink=1. Previous versions default to winsymlink=0.
* os: The CopyFS function copies an io/fs.FS into the local
filesystem.
* os: On Windows, Readlink no longer tries to normalize volumes
to drive letters, which was not always even possible. This
behavior is controlled by the winreadlinkvolume setting. For Go
1.23, it defaults to winreadlinkvolume=1. Previous versions
default to winreadlinkvolume=0.
* os: On Linux with pidfd support (generally Linux v5.4+),
Process-related functions and methods use pidfd (rather than
PID) internally, eliminating potential mistargeting when a PID
is reused by the OS. Pidfd support is fully transparent to a
user, except for additional process file descriptors that a
process may have.
* path/filepath: The new Localize function safely converts a
slash-separated path into an operating system path.
* path/filepath: On Windows, EvalSymlinks no longer evaluates
mount points, which was a source of many inconsistencies and
bugs. This behavior is controlled by the winsymlink
setting. For Go 1.23, it defaults to winsymlink=1. Previous
versions default to winsymlink=0.
* path/filepath: On Windows, EvalSymlinks no longer tries to
normalize volumes to drive letters, which was not always even
possible. This behavior is controlled by the winreadlinkvolume
setting. For Go 1.23, it defaults to
winreadlinkvolume=1. Previous versions default to
winreadlinkvolume=0.
* reflect: The new methods synonymous with the methods of the
same name in Value are added to Type:
- Type.OverflowComplex
- Type.OverflowFloat
- Type.OverflowInt
- Type.OverflowUint
* reflect: The new SliceAt function is analogous to NewAt, but
for slices.
* reflect: The Value.Pointer and Value.UnsafePointer methods now
support values of kind String.
* reflect: The new methods Value.Seq and Value.Seq2 return
sequences that iterate over the value as though it were used in
a for/range loop. The new methods Type.CanSeq and Type.CanSeq2
report whether calling Value.Seq and Value.Seq2, respectively,
will succeed without panicking.
* runtime/debug: The SetCrashOutput function allows the user to
specify an alternate file to which the runtime should write its
fatal crash report. It may be used to construct an automated
reporting mechanism for all unexpected crashes, not just those
in goroutines that explicitly use recover.
* runtime/pprof: The maximum stack depth for alloc, mutex, block,
threadcreate and goroutine profiles has been raised from 32 to
128 frames.
* runtime/trace: The runtime now explicitly flushes trace data
when a program crashes due to an uncaught panic. This means
that more complete trace data will be available in a trace if
the program crashes while tracing is active.
* slices: The Repeat function returns a new slice that repeats
the provided slice the given number of times.
* sync: The Map.Clear method deletes all the entries, resulting
in an empty Map. It is analogous to clear.
* sync/atomic: The new And and Or operators apply a bitwise AND
or OR to the given input, returning the old value.
* syscall: The syscall package now defines WSAENOPROTOOPT on
Windows.
* syscall: The GetsockoptInt function is now supported on
Windows.
* testing/fstest: TestFS now returns a structured error that can
be unwrapped (via method Unwrap() []error). This allows
inspecting errors using errors.Is or errors.As.
* text/template: Templates now support the new 'else with'
action, which reduces template complexity in some use cases.
* time: Parse and ParseInLocation now return an error if the time
zone offset is out of range.
* unicode/utf16: The RuneLen function returns the number of
16-bit words in the UTF-16 encoding of the rune. It returns -1
if the rune is not a valid value to encode in UTF-16.
* Port: Darwin: As announced in the Go 1.22 release notes, Go
1.23 requires macOS 11 Big Sur or later; support for previous
versions has been discontinued.
* Port: Linux: Go 1.23 is the last release that requires Linux
kernel version 2.6.32 or later. Go 1.24 will require Linux
kernel version 3.17 or later, with an exception that systems
running 3.10 or later will continue to be supported if the
kernel has been patched to support the getrandom system call.
* Port: OpenBSD: Go 1.23 adds experimental support for OpenBSD on
64-bit RISC-V (GOOS=openbsd, GOARCH=riscv64).
* Port: ARM64: Go 1.23 introduces a new GOARM64 environment
variable, which specifies the minimum target version of the
ARM64 architecture at compile time. Allowed values are v8.{0-9}
and v9.{0-5}. This may be followed by an option specifying
extensions implemented by target hardware. Valid options are
,lse and ,crypto.
The GOARM64 environment variable defaults to v8.0.
* Port: RISC-V: Go 1.23 introduces a new GORISCV64 environment
variable, which selects the RISC-V user-mode application
profile for which to compile. Allowed values are rva20u64 and
rva22u64.
The GORISCV64 environment variable defaults to rva20u64.
* Port: Wasm: The go_wasip1_wasm_exec script in GOROOT/misc/wasm
has dropped support for versions of wasmtime < 14.0.0.
Patchnames: SUSE-2024-3773,SUSE-SLE-Module-Development-Tools-15-SP5-2024-3773,openSUSE-SLE-15.5-2024-3773
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
References
17 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.23-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.23-openssl fixes the following issues:\n\nThis update ships go1.23-openssl version 1.23.2.2. (jsc#SLE-18320)\n\n- go1.23.2 (released 2024-10-01) includes fixes to the compiler,\n cgo, the runtime, and the maps, os, os/exec, time, and unique\n packages.\n\n * go#69119 os: double close pidfd if caller uses pidfd updated by os.StartProcess\n * go#69156 maps: segmentation violation in maps.Clone\n * go#69219 cmd/cgo: alignment issue with int128 inside of a struct\n * go#69240 unique: fatal error: found pointer to free object\n * go#69333 runtime,time: timer.Stop returns false even when no value is read from the channel\n * go#69383 unique: large string still referenced, after interning only a small substring\n * go#69402 os/exec: resource leak on exec failure\n * go#69511 cmd/compile: mysterious crashes and non-determinism with range over func\n\n- Update to version 1.23.1.1 cut from the go1.23-fips-release\n branch at the revision tagged go1.23.1-1-openssl-fips.\n\n * Update to Go 1.23.1 (#238)\n\n- go1.23.1 (released 2024-09-05) includes security fixes to the\n encoding/gob, go/build/constraint, and go/parser packages, as\n well as bug fixes to the compiler, the go command, the runtime,\n and the database/sql, go/types, os, runtime/trace, and unique\n packages.\n\n CVE-2024-34155 CVE-2024-34156 CVE-2024-34158:\n\n - go#69143 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions\n - go#69145 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode\n - go#69149 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse\n - go#68812 os: TestChtimes failures\n - go#68894 go/types: \u0027under\u0027 panics on Alias type\n - go#68905 cmd/compile: error in Go 1.23.0 with generics, type aliases and indexing\n - go#68907 os: CopyFS overwrites existing file in destination.\n - go#68973 cmd/cgo: aix c-archive corrupting 
stack\n - go#68992 unique: panic when calling unique.Make with string casted as any\n - go#68994 cmd/go: any invocation creates read-only telemetry configuration file under GOMODCACHE\n - go#68995 cmd/go: multi-arch build via qemu fails to exec go binary\n - go#69041 database/sql: panic in database/sql.(*connRequestSet).deleteIndex\n - go#69087 runtime/trace: crash during traceAdvance when collecting call stack for cgo-calling goroutine\n - go#69094 cmd/go: breaking change in 1.23rc2 with version constraints in GOPATH mode\n\n- go1.23 (released 2024-08-13) is a major release of Go.\n go1.23.x minor releases will be provided through August 2025.\n https://github.com/golang/go/wiki/Go-Release-Cycle\n go1.23 arrives six months after go1.22. Most of its changes are\n in the implementation of the toolchain, runtime, and libraries.\n As always, the release maintains the Go 1 promise of\n compatibility. We expect almost all Go programs to continue to\n compile and run as before.\n\n * Language change: Go 1.23 makes the (Go 1.22) \u0027range-over-func\u0027\n experiment a part of the language. The \u0027range\u0027 clause in a\n \u0027for-range\u0027 loop now accepts iterator functions of the\n following types:\n func(func() bool)\n func(func(K) bool)\n func(func(K, V) bool)\n as range expressions. Calls of the iterator argument function\n produce the iteration values for the \u0027for-range\u0027 loop. For\n details see the iter package documentation and the language\n spec. For motivation see the 2022 \u0027range-over-func\u0027 discussion.\n * Language change: Go 1.23 includes preview support for generic\n type aliases. Building the toolchain with\n GOEXPERIMENT=aliastypeparams enables this feature within a\n package. 
(Using generic alias types across package boundaries\n is not yet supported.)\n * Opt-in Telemetry: Starting in Go 1.23, the Go toolchain can\n collect usage and breakage statistics that help the Go team\n understand how the Go toolchain is used and how well it is\n working. We refer to these statistics as Go telemetry.\n Go telemetry is an opt-in system, controlled by the go\n telemetry command. By default, the toolchain programs collect\n statistics in counter files that can be inspected locally but\n are otherwise unused (go telemetry local).\n To help us keep Go working well and understand Go usage, please\n consider opting in to Go telemetry by running go telemetry\n on. In that mode, anonymous counter reports are uploaded to\n telemetry.go.dev weekly, where they are aggregated into graphs\n and also made available for download by any Go contributors or\n users wanting to analyze the data. See \u0027Go Telemetry\u0027 for more\n details about the Go Telemetry system.\n * go command: Setting the GOROOT_FINAL environment variable no\n longer has an effect (#62047). Distributions that install the\n go command to a location other than $GOROOT/bin/go should\n install a symlink instead of relocating or copying the go\n binary.\n * go command: The new go env -changed flag causes the command to\n print only those settings whose effective value differs from\n the default value that would be obtained in an empty\n environment with no prior uses of the -w flag.\n * go command: The new go mod tidy -diff flag causes the command\n not to modify the files but instead print the necessary changes\n as a unified diff. It exits with a non-zero code if updates are\n needed.\n * go command: The go list -m -json command now includes new Sum\n and GoModSum fields. 
This is similar to the existing behavior\n of the go mod download -json command.\n * go command: The new godebug directive in go.mod and go.work\n declares a GODEBUG setting to apply for the work module or\n workspace in use.\n * go vet: The go vet subcommand now includes the stdversion\n analyzer, which flags references to symbols that are too new\n for the version of Go in effect in the referring file. (The\n effective version is determined by the go directive in the\n file\u0027s enclosing go.mod file, and by any //go:build constraints\n in the file.)\n For example, it will report a diagnostic for a reference to the\n reflect.TypeFor function (introduced in go1.22) from a file in\n a module whose go.mod file specifies go 1.21.\n * cgo: cmd/cgo supports the new -ldflags flag for passing flags\n to the C linker. The go command uses it automatically, avoiding\n \u0027argument list too long\u0027 errors with a very large CGO_LDFLAGS.\n * go trace: The trace tool now better tolerates partially broken\n traces by attempting to recover what trace data it can. This\n functionality is particularly helpful when viewing a trace that\n was collected during a program crash, since the trace data\n leading up to the crash will now be recoverable under most\n circumstances.\n * Runtime: The traceback printed by the runtime after an\n unhandled panic or other fatal error now indents the second and\n subsequent lines of the error message (for example, the\n argument to panic) by a single tab, so that it can be\n unambiguously distinguished from the stack trace of the first\n goroutine. See go#64590 for discussion.\n * Compiler: The build time overhead to building with Profile\n Guided Optimization has been reduced significantly. Previously,\n large builds could see 100%+ build time increase from enabling\n PGO. 
In Go 1.23, overhead should be in the single digit\n percentages.\n * Compiler: The compiler in Go 1.23 can now overlap the stack\n frame slots of local variables accessed in disjoint regions of\n a function, which reduces stack usage for Go applications.\n * Compiler: For 386 and amd64, the compiler will use information\n from PGO to align certain hot blocks in loops. This improves\n performance an additional 1-1.5% at a cost of an additional\n 0.1% text and binary size. This is currently only implemented\n on 386 and amd64 because it has not shown an improvement on\n other platforms. Hot block alignment can be disabled with\n -gcflags=[\u003cpackages\u003e=]-d=alignhot=0.\n * Linker: The linker now disallows using a //go:linkname\n directive to refer to internal symbols in the standard library\n (including the runtime) that are not marked with //go:linkname\n on their definitions. Similarly, the linker disallows\n references to such symbols from assembly code. For backward\n compatibility, existing usages of //go:linkname found in a\n large open-source code corpus remain supported. Any new\n references to standard library internal symbols will be\n disallowed.\n * Linker: A linker command line flag -checklinkname=0 can be used\n to disable this check, for debugging and experimenting\n purposes.\n * Linker: When building a dynamically linked ELF binary\n (including PIE binary), the new -bindnow flag enables immediate\n function binding.\n * Standard library changes:\n * timer: 1.23 makes two significant changes to the implementation\n of time.Timer and time.Ticker.\n First, Timers and Tickers that are no longer referred to by the\n program become eligible for garbage collection immediately,\n even if their Stop methods have not been called. Earlier\n versions of Go did not collect unstopped Timers until after\n they had fired and never collected unstopped Tickers.\n Second, the timer channel associated with a Timer or Ticker is\n now unbuffered, with capacity 0. 
The main effect of this change\n is that Go now guarantees that for any call to a Reset or Stop\n method, no stale values prepared before that call will be sent\n or received after the call. Earlier versions of Go used\n channels with a one-element buffer, making it difficult to use\n Reset and Stop correctly. A visible effect of this change is\n that len and cap of timer channels now returns 0 instead of 1,\n which may affect programs that poll the length to decide\n whether a receive on the timer channel will succeed. Such code\n should use a non-blocking receive instead.\n These new behaviors are only enabled when the main Go program\n is in a module with a go.mod go line using Go 1.23.0 or\n later. When Go 1.23 builds older programs, the old behaviors\n remain in effect. The new GODEBUG setting asynctimerchan=1 can\n be used to revert back to asynchronous channel behaviors even\n when a program names Go 1.23.0 or later in its go.mod file.\n * unique: The new unique package provides facilities for\n canonicalizing values (like \u0027interning\u0027 or \u0027hash-consing\u0027).\n Any value of comparable type may be canonicalized with the new\n Make[T] function, which produces a reference to a canonical\n copy of the value in the form of a Handle[T]. Two Handle[T] are\n equal if and only if the values used to produce the handles are\n equal, allowing programs to deduplicate values and reduce their\n memory footprint. 
Comparing two Handle[T] values is efficient,\n reducing down to a simple pointer comparison.\n * iter: The new iter package provides the basic definitions for\n working with user-defined iterators.\n * slices: The slices package adds several functions that work\n with iterators:\n - All returns an iterator over slice indexes and values.\n - Values returns an iterator over slice elements.\n - Backward returns an iterator that loops over a slice backward.\n - Collect collects values from an iterator into a new slice.\n - AppendSeq appends values from an iterator to an existing slice.\n - Sorted collects values from an iterator into a new slice, and then sorts the slice.\n - SortedFunc is like Sorted but with a comparison function.\n - SortedStableFunc is like SortFunc but uses a stable sort algorithm.\n - Chunk returns an iterator over consecutive sub-slices of up to n elements of a slice.\n * maps: The maps package adds several functions that work with\n iterators:\n - All returns an iterator over key-value pairs from a map.\n - Keys returns an iterator over keys in a map.\n - Values returns an iterator over values in a map.\n - Insert adds the key-value pairs from an iterator to an existing map.\n - Collect collects key-value pairs from an iterator into a new map and returns it.\n * structs: The new structs package provides types for struct\n fields that modify properties of the containing struct type\n such as memory layout.\n In this release, the only such type is HostLayout which\n indicates that a structure with a field of that type has a\n layout that conforms to host platform expectations.\n * Minor changes to the standard library: As always, there are\n various minor changes and updates to the library, made with the\n Go 1 promise of compatibility in mind.\n * archive/tar: If the argument to FileInfoHeader implements the\n new FileInfoNames interface, then the interface methods will be\n used to set the Uname/Gname of the file header. 
This allows\n applications to override the system-dependent Uname/Gname\n lookup.\n * crypto/tls: The TLS client now supports the Encrypted Client\n Hello draft specification. This feature can be enabled by\n setting the Config.EncryptedClientHelloConfigList field to an\n encoded ECHConfigList for the host that is being connected to.\n * crypto/tls: The QUICConn type used by QUIC implementations\n includes new events reporting on the state of session\n resumption, and provides a way for the QUIC layer to add data\n to session tickets and session cache entries.\n * crypto/tls: 3DES cipher suites were removed from the default\n list used when Config.CipherSuites is nil. The default can be\n reverted by adding tls3des=1 to the GODEBUG environment\n variable.\n * crypto/tls: The experimental post-quantum key exchange\n mechanism X25519Kyber768Draft00 is now enabled by default when\n Config.CurvePreferences is nil. The default can be reverted by\n adding tlskyber=0 to the GODEBUG environment variable.\n * crypto/tls: Go 1.23 changed the behavior of X509KeyPair and\n LoadX509KeyPair to populate the Certificate.Leaf field of the\n returned Certificate. The new x509keypairleaf GODEBUG setting\n is added for this behavior.\n * crypto/x509: CreateCertificateRequest now correctly supports\n RSA-PSS signature algorithms.\n * crypto/x509: CreateCertificateRequest and CreateRevocationList\n now verify the generated signature using the signer\u0027s public\n key. If the signature is invalid, an error is returned. This\n has been the behavior of CreateCertificate since Go 1.16.\n * crypto/x509: The x509sha1 GODEBUG setting will be removed in\n the next Go major release (Go 1.24). This will mean that\n crypto/x509 will no longer support verifying signatures on\n certificates that use SHA-1 based signature algorithms.\n * crypto/x509: The new ParseOID function parses a dot-encoded\n ASN.1 Object Identifier string. 
The OID type now implements the\n encoding.BinaryMarshaler, encoding.BinaryUnmarshaler,\n encoding.TextMarshaler, encoding.TextUnmarshaler interfaces.\n database/sql\n * crypto/x509: Errors returned by driver.Valuer implementations\n are now wrapped for improved error handling during operations\n like DB.Query, DB.Exec, and DB.QueryRow.\n * debug/elf: The debug/elf package now defines\n PT_OPENBSD_NOBTCFI. This ProgType is used to disable Branch\n Tracking Control Flow Integrity (BTCFI) enforcement on OpenBSD\n binaries.\n * debug/elf: Now defines the symbol type constants STT_RELC,\n STT_SRELC, and STT_GNU_IFUNC.\n * encoding/binary The new Encode and Decode functions are byte\n slice equivalents to Read and Write. Append allows marshaling\n multiple data into the same byte slice.\n * go/ast: The new Preorder function returns a convenient iterator\n over all the nodes of a syntax tree.\n * go/types: The Func type, which represents a function or method\n symbol, now has a Func.Signature method that returns the\n function\u0027s type, which is always a Signature.\n * go/types: The Alias type now has an Rhs method that returns the\n type on the right-hand side of its declaration: given type A =\n B, the Rhs of A is B. (go#66559)\n * go/types: The methods Alias.Origin, Alias.SetTypeParams,\n Alias.TypeParams, and Alias.TypeArgs have been added. They are\n needed for generic alias types.\n * go/types: By default, go/types now produces Alias type nodes\n for type aliases. This behavior can be controlled by the\n GODEBUG gotypesalias flag. Its default has changed from 0 in Go\n 1.22 to 1 in Go 1.23.\n * math/rand/v2: The Uint function and Rand.Uint method have been\n added. 
They were inadvertently left out of Go 1.22.\n * math/rand/v2: The new ChaCha8.Read method implements the\n io.Reader interface.\n * net: The new type KeepAliveConfig permits fine-tuning the\n keep-alive options for TCP connections, via a new\n TCPConn.SetKeepAliveConfig method and new KeepAliveConfig\n fields for Dialer and ListenConfig.\n * net: The DNSError type now wraps errors caused by timeouts or\n cancellation. For example, errors.Is(someDNSErr,\n context.DeadlineExceedeed) will now report whether a DNS error\n was caused by a timeout.\n * net: The new GODEBUG setting netedns0=0 disables sending EDNS0\n additional headers on DNS requests, as they reportedly break\n the DNS server on some modems.\n * net/http: Cookie now preserves double quotes surrounding a\n cookie value. The new Cookie.Quoted field indicates whether the\n Cookie.Value was originally quoted.\n * net/http: The new Request.CookiesNamed method retrieves all\n cookies that match the given name.\n * net/http: The new Cookie.Partitioned field identifies cookies\n with the Partitioned attribute.\n * net/http: The patterns used by ServeMux now allow one or more\n spaces or tabs after the method name. Previously, only a single\n space was permitted.\n * net/http: The new ParseCookie function parses a Cookie header\n value and returns all the cookies which were set in it. Since\n the same cookie name can appear multiple times the returned\n Values can contain more than one value for a given key.\n * net/http: The new ParseSetCookie function parses a Set-Cookie\n header value and returns a cookie. It returns an error on\n syntax error.\n * net/http: ServeContent, ServeFile, and ServeFileFS now remove\n the Cache-Control, Content-Encoding, Etag, and Last-Modified\n headers when serving an error. 
These headers usually apply to\n the non-error content, but not to the text of errors.\n * net/http: Middleware which wraps a ResponseWriter and applies\n on-the-fly encoding, such as Content-Encoding: gzip, will not\n function after this change. The previous behavior of\n ServeContent, ServeFile, and ServeFileFS may be restored by\n setting GODEBUG=httpservecontentkeepheaders=1.\n Note that middleware which changes the size of the served\n content (such as by compressing it) already does not function\n properly when ServeContent handles a Range request. On-the-fly\n compression should use the Transfer-Encoding header instead of\n Content-Encoding.\n * net/http: For inbound requests, the new Request.Pattern field\n contains the ServeMux pattern (if any) that matched the\n request. This field is not set when GODEBUG=httpmuxgo121=1 is\n set.\n * net/http/httptest: The new NewRequestWithContext method creates\n an incoming request with a context.Context.\n * net/netip: In Go 1.22 and earlier, using reflect.DeepEqual to\n compare an Addr holding an IPv4 address to one holding the\n IPv4-mapped IPv6 form of that address incorrectly returned\n true, even though the Addr values were different when comparing\n with == or Addr.Compare. This bug is now fixed and all three\n approaches now report the same result.\n * os: The Stat function now sets the ModeSocket bit for files\n that are Unix sockets on Windows. These files are identified by\n having a reparse tag set to IO_REPARSE_TAG_AF_UNIX.\n * os: On Windows, the mode bits reported by Lstat and Stat for\n reparse points changed. Mount points no longer have ModeSymlink\n set, and reparse points that are not symlinks, Unix sockets, or\n dedup files now always have ModeIrregular set. This behavior is\n controlled by the winsymlink setting. For Go 1.23, it defaults\n to winsymlink=1. 
Previous versions default to winsymlink=0.\n * os: The CopyFS function copies an io/fs.FS into the local\n filesystem.\n * os: On Windows, Readlink no longer tries to normalize volumes\n to drive letters, which was not always even possible. This\n behavior is controlled by the winreadlinkvolume setting. For Go\n 1.23, it defaults to winreadlinkvolume=1. Previous versions\n default to winreadlinkvolume=0.\n * os: On Linux with pidfd support (generally Linux v5.4+),\n Process-related functions and methods use pidfd (rather than\n PID) internally, eliminating potential mistargeting when a PID\n is reused by the OS. Pidfd support is fully transparent to a\n user, except for additional process file descriptors that a\n process may have.\n * path/filepath: The new Localize function safely converts a\n slash-separated path into an operating system path.\n * path/filepath: On Windows, EvalSymlinks no longer evaluates\n mount points, which was a source of many inconsistencies and\n bugs. This behavior is controlled by the winsymlink\n setting. For Go 1.23, it defaults to winsymlink=1. Previous\n versions default to winsymlink=0.\n * path/filepath: On Windows, EvalSymlinks no longer tries to\n normalize volumes to drive letters, which was not always even\n possible. This behavior is controlled by the winreadlinkvolume\n setting. For Go 1.23, it defaults to\n winreadlinkvolume=1. Previous versions default to\n winreadlinkvolume=0.\n * reflect: The new methods synonymous with the methods of the\n same name in Value are added to Type:\n - Type.OverflowComplex\n - Type.OverflowFloat\n - Type.OverflowInt\n - Type.OverflowUint\n * reflect: The new SliceAt function is analogous to NewAt, but\n for slices.\n * reflect: The Value.Pointer and Value.UnsafePointer methods now\n support values of kind String.\n * reflect: The new methods Value.Seq and Value.Seq2 return\n sequences that iterate over the value as though it were used in\n a for/range loop. 
The new methods Type.CanSeq and Type.CanSeq2\n report whether calling Value.Seq and Value.Seq2, respectively,\n will succeed without panicking.\n * runtime/debug: The SetCrashOutput function allows the user to\n specify an alternate file to which the runtime should write its\n fatal crash report. It may be used to construct an automated\n reporting mechanism for all unexpected crashes, not just those\n in goroutines that explicitly use recover.\n * runtime/pprof: The maximum stack depth for alloc, mutex, block,\n threadcreate and goroutine profiles has been raised from 32 to\n 128 frames.\n * runtime/trace: The runtime now explicitly flushes trace data\n when a program crashes due to an uncaught panic. This means\n that more complete trace data will be available in a trace if\n the program crashes while tracing is active.\n * slices: The Repeat function returns a new slice that repeats\n the provided slice the given number of times.\n * sync: The Map.Clear method deletes all the entries, resulting\n in an empty Map. It is analogous to clear.\n * sync/atomic: The new And and Or operators apply a bitwise AND\n or OR to the given input, returning the old value.\n * syscall: The syscall package now defines WSAENOPROTOOPT on\n Windows.\n * syscall: The GetsockoptInt function is now supported on\n Windows.\n * testing/fstest: TestFS now returns a structured error that can\n be unwrapped (via method Unwrap() []error). This allows\n inspecting errors using errors.Is or errors.As.\n * text/template: Templates now support the new \u0027else with\u0027\n action, which reduces template complexity in some use cases.\n * time: Parse and ParseInLocation now return an error if the time\n zone offset is out of range.\n * unicode/utf16: The RuneLen function returns the number of\n 16-bit words in the UTF-16 encoding of the rune. 
It returns -1\n if the rune is not a valid value to encode in UTF-16.\n * Port: Darwin: As announced in the Go 1.22 release notes, Go\n 1.23 requires macOS 11 Big Sur or later; support for previous\n versions has been discontinued.\n * Port: Linux: Go 1.23 is the last release that requires Linux\n kernel version 2.6.32 or later. Go 1.24 will require Linux\n kernel version 3.17 or later, with an exception that systems\n running 3.10 or later will continue to be supported if the\n kernel has been patched to support the getrandom system call.\n * Port: OpenBSD: Go 1.23 adds experimental support for OpenBSD on\n 64-bit RISC-V (GOOS=openbsd, GOARCH=riscv64).\n * Port: ARM64: Go 1.23 introduces a new GOARM64 environment\n variable, which specifies the minimum target version of the\n ARM64 architecture at compile time. Allowed values are v8.{0-9}\n and v9.{0-5}. This may be followed by an option specifying\n extensions implemented by target hardware. Valid options are\n ,lse and ,crypto.\n The GOARM64 environment variable defaults to v8.0.\n * Port: RISC-V: Go 1.23 introduces a new GORISCV64 environment\n variable, which selects the RISC-V user-mode application\n profile for which to compile. Allowed values are rva20u64 and\n rva22u64.\n The GORISCV64 environment variable defaults to rva20u64.\n * Port: Wasm: The go_wasip1_wasm_exec script in GOROOT/misc/wasm\n has dropped support for versions of wasmtime \u003c 14.0.0.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3773,SUSE-SLE-Module-Development-Tools-15-SP5-2024-3773,openSUSE-SLE-15.5-2024-3773",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3773-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3773-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243773-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3773-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019687.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229122",
"url": "https://bugzilla.suse.com/1229122"
},
{
"category": "self",
"summary": "SUSE Bug 1230252",
"url": "https://bugzilla.suse.com/1230252"
},
{
"category": "self",
"summary": "SUSE Bug 1230253",
"url": "https://bugzilla.suse.com/1230253"
},
{
"category": "self",
"summary": "SUSE Bug 1230254",
"url": "https://bugzilla.suse.com/1230254"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34155 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34156 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34158 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34158/"
}
],
"title": "Security update for go1.23-openssl",
"tracking": {
"current_release_date": "2024-10-29T13:54:31Z",
"generator": {
"date": "2024-10-29T13:54:31Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3773-1",
"initial_release_date": "2024-10-29T13:54:31Z",
"revision_history": [
{
"date": "2024-10-29T13:54:31Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"product": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"product_id": "go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"product_id": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"product": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"product_id": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.i586",
"product": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.i586",
"product_id": "go1.23-openssl-1.23.2.2-150000.1.3.1.i586"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.i586",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.i586",
"product_id": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"product": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"product_id": "go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"product_id": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"product": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"product_id": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"product": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"product_id": "go1.23-openssl-1.23.2.2-150000.1.3.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"product_id": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"product": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"product_id": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"product": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"product_id": "go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"product_id": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"product": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"product_id": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34155"
}
],
"notes": [
{
"category": "general",
"text": "Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34155",
"url": "https://www.suse.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "SUSE Bug 1230252 for CVE-2024-34155",
"url": "https://bugzilla.suse.com/1230252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:31Z",
"details": "moderate"
}
],
"title": "CVE-2024-34155"
},
{
"cve": "CVE-2024-34156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34156"
}
],
"notes": [
{
"category": "general",
"text": "Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34156",
"url": "https://www.suse.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "SUSE Bug 1230253 for CVE-2024-34156",
"url": "https://bugzilla.suse.com/1230253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:31Z",
"details": "moderate"
}
],
"title": "CVE-2024-34156"
},
{
"cve": "CVE-2024-34158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34158"
}
],
"notes": [
{
"category": "general",
"text": "Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34158",
"url": "https://www.suse.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "SUSE Bug 1230254 for CVE-2024-34158",
"url": "https://bugzilla.suse.com/1230254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-doc-1.23.2.2-150000.1.3.1.x86_64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.aarch64",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.ppc64le",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.s390x",
"openSUSE Leap 15.5:go1.23-openssl-race-1.23.2.2-150000.1.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-29T13:54:31Z",
"details": "moderate"
}
],
"title": "CVE-2024-34158"
}
]
}
SUSE-SU-2024:3809-1
Vulnerability from csaf_suse - Published: 2024-10-30 15:07 - Updated: 2024-10-30 15:07
Summary
Security update for go1.21-openssl
Severity
Moderate
Notes
Title of the patch: Security update for go1.21-openssl
Description of the patch: This update for go1.21-openssl fixes the following issues:
- CVE-2024-34158: Fixed stack exhaustion in Parse in go/build/constraint (bsc#1230254).
- CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode in encoding/gob (bsc#1230253).
- CVE-2024-34155: Fixed stack exhaustion in all Parse* functions (bsc#1230252).
- Update to version 1.21.13.3 cut from the go1.21-fips-release (jsc#SLE-18320).
Patchnames: SUSE-2024-3809,SUSE-SLE-Module-Development-Tools-15-SP5-2024-3809,openSUSE-SLE-15.5-2024-3809
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
References
16 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.21-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.21-openssl fixes the following issues:\n\n- CVE-2024-34158: Fixed stack exhaustion in Parse in go/build/constraint (bsc#1230254).\n- CVE-2024-34156: Fixed stack exhaustion in Decoder.Decode in encoding/gob (bsc#1230253).\n- CVE-2024-34155: Fixed stack exhaustion in all Parse* functions (bsc#1230252).\n\n- Update to version 1.21.13.3 cut from the go1.21-fips-release (jsc#SLE-18320).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3809,SUSE-SLE-Module-Development-Tools-15-SP5-2024-3809,openSUSE-SLE-15.5-2024-3809",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3809-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3809-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243809-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3809-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019717.html"
},
{
"category": "self",
"summary": "SUSE Bug 1230252",
"url": "https://bugzilla.suse.com/1230252"
},
{
"category": "self",
"summary": "SUSE Bug 1230253",
"url": "https://bugzilla.suse.com/1230253"
},
{
"category": "self",
"summary": "SUSE Bug 1230254",
"url": "https://bugzilla.suse.com/1230254"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34155 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34156 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34158 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34158/"
}
],
"title": "Security update for go1.21-openssl",
"tracking": {
"current_release_date": "2024-10-30T15:07:58Z",
"generator": {
"date": "2024-10-30T15:07:58Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3809-1",
"initial_release_date": "2024-10-30T15:07:58Z",
"revision_history": [
{
"date": "2024-10-30T15:07:58Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"product": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"product_id": "go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"product": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"product_id": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"product": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"product_id": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.i586",
"product": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.i586",
"product_id": "go1.21-openssl-1.21.13.4-150000.1.14.1.i586"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.i586",
"product": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.i586",
"product_id": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"product": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"product_id": "go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"product": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"product_id": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"product": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"product_id": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"product": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"product_id": "go1.21-openssl-1.21.13.4-150000.1.14.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"product": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"product_id": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"product": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"product_id": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"product": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"product_id": "go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"product": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"product_id": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"product": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"product_id": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64"
},
"product_reference": "go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le"
},
"product_reference": "go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x"
},
"product_reference": "go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64"
},
"product_reference": "go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64"
},
"product_reference": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le"
},
"product_reference": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x"
},
"product_reference": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64"
},
"product_reference": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64"
},
"product_reference": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le"
},
"product_reference": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x"
},
"product_reference": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
},
"product_reference": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64"
},
"product_reference": "go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le"
},
"product_reference": "go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x"
},
"product_reference": "go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64"
},
"product_reference": "go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64"
},
"product_reference": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le"
},
"product_reference": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x"
},
"product_reference": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64"
},
"product_reference": "go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64"
},
"product_reference": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le"
},
"product_reference": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x"
},
"product_reference": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
},
"product_reference": "go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34155"
}
],
"notes": [
{
"category": "general",
"text": "Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34155",
"url": "https://www.suse.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "SUSE Bug 1230252 for CVE-2024-34155",
"url": "https://bugzilla.suse.com/1230252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T15:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-34155"
},
{
"cve": "CVE-2024-34156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34156"
}
],
"notes": [
{
"category": "general",
"text": "Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34156",
"url": "https://www.suse.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "SUSE Bug 1230253 for CVE-2024-34156",
"url": "https://bugzilla.suse.com/1230253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T15:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-34156"
},
{
"cve": "CVE-2024-34158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34158"
}
],
"notes": [
{
"category": "general",
"text": "Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34158",
"url": "https://www.suse.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "SUSE Bug 1230254 for CVE-2024-34158",
"url": "https://bugzilla.suse.com/1230254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-doc-1.21.13.4-150000.1.14.1.x86_64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.aarch64",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.ppc64le",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.s390x",
"openSUSE Leap 15.5:go1.21-openssl-race-1.21.13.4-150000.1.14.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-10-30T15:07:58Z",
"details": "moderate"
}
],
"title": "CVE-2024-34158"
}
]
}
SUSE-SU-2024:3937-1
Vulnerability from csaf_suse - Published: 2024-11-07 10:08 - Updated: 2024-11-07 10:08
Summary
Security update for go1.23-openssl
Severity
Important
Notes
Title of the patch: Security update for go1.23-openssl
Description of the patch: This update for go1.23-openssl fixes the following issues:
This update ships go1.23-openssl version 1.23.2.2. (jsc#SLE-18320)
- go1.23.2 (released 2024-10-01) includes fixes to the compiler,
cgo, the runtime, and the maps, os, os/exec, time, and unique
packages.
* go#69119 os: double close pidfd if caller uses pidfd updated by os.StartProcess
* go#69156 maps: segmentation violation in maps.Clone
* go#69219 cmd/cgo: alignment issue with int128 inside of a struct
* go#69240 unique: fatal error: found pointer to free object
* go#69333 runtime,time: timer.Stop returns false even when no value is read from the channel
* go#69383 unique: large string still referenced, after interning only a small substring
* go#69402 os/exec: resource leak on exec failure
* go#69511 cmd/compile: mysterious crashes and non-determinism with range over func
- Update to version 1.23.1.1 cut from the go1.23-fips-release
branch at the revision tagged go1.23.1-1-openssl-fips.
* Update to Go 1.23.1 (#238)
- go1.23.1 (released 2024-09-05) includes security fixes to the
encoding/gob, go/build/constraint, and go/parser packages, as
well as bug fixes to the compiler, the go command, the runtime,
and the database/sql, go/types, os, runtime/trace, and unique
packages.
CVE-2024-34155 CVE-2024-34156 CVE-2024-34158:
- go#69143 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions
- go#69145 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode
- go#69149 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse
- go#68812 os: TestChtimes failures
- go#68894 go/types: 'under' panics on Alias type
- go#68905 cmd/compile: error in Go 1.23.0 with generics, type aliases and indexing
- go#68907 os: CopyFS overwrites existing file in destination.
- go#68973 cmd/cgo: aix c-archive corrupting stack
- go#68992 unique: panic when calling unique.Make with string casted as any
- go#68994 cmd/go: any invocation creates read-only telemetry configuration file under GOMODCACHE
- go#68995 cmd/go: multi-arch build via qemu fails to exec go binary
- go#69041 database/sql: panic in database/sql.(*connRequestSet).deleteIndex
- go#69087 runtime/trace: crash during traceAdvance when collecting call stack for cgo-calling goroutine
- go#69094 cmd/go: breaking change in 1.23rc2 with version constraints in GOPATH mode
- go1.23 (released 2024-08-13) is a major release of Go.
go1.23.x minor releases will be provided through August 2025.
https://github.com/golang/go/wiki/Go-Release-Cycle
go1.23 arrives six months after go1.22. Most of its changes are
in the implementation of the toolchain, runtime, and libraries.
As always, the release maintains the Go 1 promise of
compatibility. We expect almost all Go programs to continue to
compile and run as before.
* Language change: Go 1.23 makes the (Go 1.22) 'range-over-func'
experiment a part of the language. The 'range' clause in a
'for-range' loop now accepts iterator functions of the
following types:
func(func() bool)
func(func(K) bool)
func(func(K, V) bool)
as range expressions. Calls of the iterator argument function
produce the iteration values for the 'for-range' loop. For
details see the iter package documentation and the language
spec. For motivation see the 2022 'range-over-func' discussion.
* Language change: Go 1.23 includes preview support for generic
type aliases. Building the toolchain with
GOEXPERIMENT=aliastypeparams enables this feature within a
package. (Using generic alias types across package boundaries
is not yet supported.)
* Opt-in Telemetry: Starting in Go 1.23, the Go toolchain can
collect usage and breakage statistics that help the Go team
understand how the Go toolchain is used and how well it is
working. We refer to these statistics as Go telemetry.
Go telemetry is an opt-in system, controlled by the go
telemetry command. By default, the toolchain programs collect
statistics in counter files that can be inspected locally but
are otherwise unused (go telemetry local).
To help us keep Go working well and understand Go usage, please
consider opting in to Go telemetry by running go telemetry
on. In that mode, anonymous counter reports are uploaded to
telemetry.go.dev weekly, where they are aggregated into graphs
and also made available for download by any Go contributors or
users wanting to analyze the data. See 'Go Telemetry' for more
details about the Go Telemetry system.
* go command: Setting the GOROOT_FINAL environment variable no
longer has an effect (#62047). Distributions that install the
go command to a location other than $GOROOT/bin/go should
install a symlink instead of relocating or copying the go
binary.
* go command: The new go env -changed flag causes the command to
print only those settings whose effective value differs from
the default value that would be obtained in an empty
environment with no prior uses of the -w flag.
* go command: The new go mod tidy -diff flag causes the command
not to modify the files but instead print the necessary changes
as a unified diff. It exits with a non-zero code if updates are
needed.
* go command: The go list -m -json command now includes new Sum
and GoModSum fields. This is similar to the existing behavior
of the go mod download -json command.
* go command: The new godebug directive in go.mod and go.work
declares a GODEBUG setting to apply for the work module or
workspace in use.
* go vet: The go vet subcommand now includes the stdversion
analyzer, which flags references to symbols that are too new
for the version of Go in effect in the referring file. (The
effective version is determined by the go directive in the
file's enclosing go.mod file, and by any //go:build constraints
in the file.)
For example, it will report a diagnostic for a reference to the
reflect.TypeFor function (introduced in go1.22) from a file in
a module whose go.mod file specifies go 1.21.
* cgo: cmd/cgo supports the new -ldflags flag for passing flags
to the C linker. The go command uses it automatically, avoiding
'argument list too long' errors with a very large CGO_LDFLAGS.
* go trace: The trace tool now better tolerates partially broken
traces by attempting to recover what trace data it can. This
functionality is particularly helpful when viewing a trace that
was collected during a program crash, since the trace data
leading up to the crash will now be recoverable under most
circumstances.
* Runtime: The traceback printed by the runtime after an
unhandled panic or other fatal error now indents the second and
subsequent lines of the error message (for example, the
argument to panic) by a single tab, so that it can be
unambiguously distinguished from the stack trace of the first
goroutine. See go#64590 for discussion.
* Compiler: The build time overhead to building with Profile
Guided Optimization has been reduced significantly. Previously,
large builds could see 100%+ build time increase from enabling
PGO. In Go 1.23, overhead should be in the single digit
percentages.
* Compiler: The compiler in Go 1.23 can now overlap the stack
frame slots of local variables accessed in disjoint regions of
a function, which reduces stack usage for Go applications.
* Compiler: For 386 and amd64, the compiler will use information
from PGO to align certain hot blocks in loops. This improves
performance an additional 1-1.5% at a cost of an additional
0.1% text and binary size. This is currently only implemented
on 386 and amd64 because it has not shown an improvement on
other platforms. Hot block alignment can be disabled with
-gcflags=[<packages>=]-d=alignhot=0.
* Linker: The linker now disallows using a //go:linkname
directive to refer to internal symbols in the standard library
(including the runtime) that are not marked with //go:linkname
on their definitions. Similarly, the linker disallows
references to such symbols from assembly code. For backward
compatibility, existing usages of //go:linkname found in a
large open-source code corpus remain supported. Any new
references to standard library internal symbols will be
disallowed.
* Linker: A linker command line flag -checklinkname=0 can be used
to disable this check, for debugging and experimenting
purposes.
* Linker: When building a dynamically linked ELF binary
(including PIE binary), the new -bindnow flag enables immediate
function binding.
* Standard library changes:
* timer: 1.23 makes two significant changes to the implementation
of time.Timer and time.Ticker.
First, Timers and Tickers that are no longer referred to by the
program become eligible for garbage collection immediately,
even if their Stop methods have not been called. Earlier
versions of Go did not collect unstopped Timers until after
they had fired and never collected unstopped Tickers.
Second, the timer channel associated with a Timer or Ticker is
now unbuffered, with capacity 0. The main effect of this change
is that Go now guarantees that for any call to a Reset or Stop
method, no stale values prepared before that call will be sent
or received after the call. Earlier versions of Go used
channels with a one-element buffer, making it difficult to use
Reset and Stop correctly. A visible effect of this change is
that len and cap of timer channels now return 0 instead of 1,
which may affect programs that poll the length to decide
whether a receive on the timer channel will succeed. Such code
should use a non-blocking receive instead.
These new behaviors are only enabled when the main Go program
is in a module with a go.mod go line using Go 1.23.0 or
later. When Go 1.23 builds older programs, the old behaviors
remain in effect. The new GODEBUG setting asynctimerchan=1 can
be used to revert back to asynchronous channel behaviors even
when a program names Go 1.23.0 or later in its go.mod file.
* unique: The new unique package provides facilities for
canonicalizing values (like 'interning' or 'hash-consing').
Any value of comparable type may be canonicalized with the new
Make[T] function, which produces a reference to a canonical
copy of the value in the form of a Handle[T]. Two Handle[T] are
equal if and only if the values used to produce the handles are
equal, allowing programs to deduplicate values and reduce their
memory footprint. Comparing two Handle[T] values is efficient,
reducing down to a simple pointer comparison.
* iter: The new iter package provides the basic definitions for
working with user-defined iterators.
* slices: The slices package adds several functions that work
with iterators:
- All returns an iterator over slice indexes and values.
- Values returns an iterator over slice elements.
- Backward returns an iterator that loops over a slice backward.
- Collect collects values from an iterator into a new slice.
- AppendSeq appends values from an iterator to an existing slice.
- Sorted collects values from an iterator into a new slice, and then sorts the slice.
- SortedFunc is like Sorted but with a comparison function.
- SortedStableFunc is like SortFunc but uses a stable sort algorithm.
- Chunk returns an iterator over consecutive sub-slices of up to n elements of a slice.
* maps: The maps package adds several functions that work with
iterators:
- All returns an iterator over key-value pairs from a map.
- Keys returns an iterator over keys in a map.
- Values returns an iterator over values in a map.
- Insert adds the key-value pairs from an iterator to an existing map.
- Collect collects key-value pairs from an iterator into a new map and returns it.
* structs: The new structs package provides types for struct
fields that modify properties of the containing struct type
such as memory layout.
In this release, the only such type is HostLayout which
indicates that a structure with a field of that type has a
layout that conforms to host platform expectations.
* Minor changes to the standard library: As always, there are
various minor changes and updates to the library, made with the
Go 1 promise of compatibility in mind.
* archive/tar: If the argument to FileInfoHeader implements the
new FileInfoNames interface, then the interface methods will be
used to set the Uname/Gname of the file header. This allows
applications to override the system-dependent Uname/Gname
lookup.
* crypto/tls: The TLS client now supports the Encrypted Client
Hello draft specification. This feature can be enabled by
setting the Config.EncryptedClientHelloConfigList field to an
encoded ECHConfigList for the host that is being connected to.
* crypto/tls: The QUICConn type used by QUIC implementations
includes new events reporting on the state of session
resumption, and provides a way for the QUIC layer to add data
to session tickets and session cache entries.
* crypto/tls: 3DES cipher suites were removed from the default
list used when Config.CipherSuites is nil. The default can be
reverted by adding tls3des=1 to the GODEBUG environment
variable.
* crypto/tls: The experimental post-quantum key exchange
mechanism X25519Kyber768Draft00 is now enabled by default when
Config.CurvePreferences is nil. The default can be reverted by
adding tlskyber=0 to the GODEBUG environment variable.
* crypto/tls: Go 1.23 changed the behavior of X509KeyPair and
LoadX509KeyPair to populate the Certificate.Leaf field of the
returned Certificate. The new x509keypairleaf GODEBUG setting
is added for this behavior.
* crypto/x509: CreateCertificateRequest now correctly supports
RSA-PSS signature algorithms.
* crypto/x509: CreateCertificateRequest and CreateRevocationList
now verify the generated signature using the signer's public
key. If the signature is invalid, an error is returned. This
has been the behavior of CreateCertificate since Go 1.16.
* crypto/x509: The x509sha1 GODEBUG setting will be removed in
the next Go major release (Go 1.24). This will mean that
crypto/x509 will no longer support verifying signatures on
certificates that use SHA-1 based signature algorithms.
* crypto/x509: The new ParseOID function parses a dot-encoded
ASN.1 Object Identifier string. The OID type now implements the
encoding.BinaryMarshaler, encoding.BinaryUnmarshaler,
encoding.TextMarshaler, encoding.TextUnmarshaler interfaces.
* database/sql: Errors returned by driver.Valuer implementations
are now wrapped for improved error handling during operations
like DB.Query, DB.Exec, and DB.QueryRow.
* debug/elf: The debug/elf package now defines
PT_OPENBSD_NOBTCFI. This ProgType is used to disable Branch
Tracking Control Flow Integrity (BTCFI) enforcement on OpenBSD
binaries.
* debug/elf: Now defines the symbol type constants STT_RELC,
STT_SRELC, and STT_GNU_IFUNC.
* encoding/binary: The new Encode and Decode functions are byte
slice equivalents to Read and Write. Append allows marshaling
multiple data into the same byte slice.
* go/ast: The new Preorder function returns a convenient iterator
over all the nodes of a syntax tree.
* go/types: The Func type, which represents a function or method
symbol, now has a Func.Signature method that returns the
function's type, which is always a Signature.
* go/types: The Alias type now has an Rhs method that returns the
type on the right-hand side of its declaration: given type A =
B, the Rhs of A is B. (go#66559)
* go/types: The methods Alias.Origin, Alias.SetTypeParams,
Alias.TypeParams, and Alias.TypeArgs have been added. They are
needed for generic alias types.
* go/types: By default, go/types now produces Alias type nodes
for type aliases. This behavior can be controlled by the
GODEBUG gotypesalias flag. Its default has changed from 0 in Go
1.22 to 1 in Go 1.23.
* math/rand/v2: The Uint function and Rand.Uint method have been
added. They were inadvertently left out of Go 1.22.
* math/rand/v2: The new ChaCha8.Read method implements the
io.Reader interface.
* net: The new type KeepAliveConfig permits fine-tuning the
keep-alive options for TCP connections, via a new
TCPConn.SetKeepAliveConfig method and new KeepAliveConfig
fields for Dialer and ListenConfig.
* net: The DNSError type now wraps errors caused by timeouts or
cancellation. For example, errors.Is(someDNSErr,
context.DeadlineExceeded) will now report whether a DNS error
was caused by a timeout.
* net: The new GODEBUG setting netedns0=0 disables sending EDNS0
additional headers on DNS requests, as they reportedly break
the DNS server on some modems.
* net/http: Cookie now preserves double quotes surrounding a
cookie value. The new Cookie.Quoted field indicates whether the
Cookie.Value was originally quoted.
* net/http: The new Request.CookiesNamed method retrieves all
cookies that match the given name.
* net/http: The new Cookie.Partitioned field identifies cookies
with the Partitioned attribute.
* net/http: The patterns used by ServeMux now allow one or more
spaces or tabs after the method name. Previously, only a single
space was permitted.
* net/http: The new ParseCookie function parses a Cookie header
value and returns all the cookies which were set in it. Since
the same cookie name can appear multiple times the returned
Values can contain more than one value for a given key.
* net/http: The new ParseSetCookie function parses a Set-Cookie
header value and returns a cookie. It returns an error on
syntax error.
* net/http: ServeContent, ServeFile, and ServeFileFS now remove
the Cache-Control, Content-Encoding, Etag, and Last-Modified
headers when serving an error. These headers usually apply to
the non-error content, but not to the text of errors.
* net/http: Middleware which wraps a ResponseWriter and applies
on-the-fly encoding, such as Content-Encoding: gzip, will not
function after this change. The previous behavior of
ServeContent, ServeFile, and ServeFileFS may be restored by
setting GODEBUG=httpservecontentkeepheaders=1.
Note that middleware which changes the size of the served
content (such as by compressing it) already does not function
properly when ServeContent handles a Range request. On-the-fly
compression should use the Transfer-Encoding header instead of
Content-Encoding.
* net/http: For inbound requests, the new Request.Pattern field
contains the ServeMux pattern (if any) that matched the
request. This field is not set when GODEBUG=httpmuxgo121=1 is
set.
* net/http/httptest: The new NewRequestWithContext method creates
an incoming request with a context.Context.
* net/netip: In Go 1.22 and earlier, using reflect.DeepEqual to
compare an Addr holding an IPv4 address to one holding the
IPv4-mapped IPv6 form of that address incorrectly returned
true, even though the Addr values were different when comparing
with == or Addr.Compare. This bug is now fixed and all three
approaches now report the same result.
* os: The Stat function now sets the ModeSocket bit for files
that are Unix sockets on Windows. These files are identified by
having a reparse tag set to IO_REPARSE_TAG_AF_UNIX.
* os: On Windows, the mode bits reported by Lstat and Stat for
reparse points changed. Mount points no longer have ModeSymlink
set, and reparse points that are not symlinks, Unix sockets, or
dedup files now always have ModeIrregular set. This behavior is
controlled by the winsymlink setting. For Go 1.23, it defaults
to winsymlink=1. Previous versions default to winsymlink=0.
* os: The CopyFS function copies an io/fs.FS into the local
filesystem.
* os: On Windows, Readlink no longer tries to normalize volumes
to drive letters, which was not always even possible. This
behavior is controlled by the winreadlinkvolume setting. For Go
1.23, it defaults to winreadlinkvolume=1. Previous versions
default to winreadlinkvolume=0.
* os: On Linux with pidfd support (generally Linux v5.4+),
Process-related functions and methods use pidfd (rather than
PID) internally, eliminating potential mistargeting when a PID
is reused by the OS. Pidfd support is fully transparent to a
user, except for additional process file descriptors that a
process may have.
* path/filepath: The new Localize function safely converts a
slash-separated path into an operating system path.
* path/filepath: On Windows, EvalSymlinks no longer evaluates
mount points, which was a source of many inconsistencies and
bugs. This behavior is controlled by the winsymlink
setting. For Go 1.23, it defaults to winsymlink=1. Previous
versions default to winsymlink=0.
* path/filepath: On Windows, EvalSymlinks no longer tries to
normalize volumes to drive letters, which was not always even
possible. This behavior is controlled by the winreadlinkvolume
setting. For Go 1.23, it defaults to
winreadlinkvolume=1. Previous versions default to
winreadlinkvolume=0.
* reflect: The new methods synonymous with the methods of the
same name in Value are added to Type:
- Type.OverflowComplex
- Type.OverflowFloat
- Type.OverflowInt
- Type.OverflowUint
* reflect: The new SliceAt function is analogous to NewAt, but
for slices.
* reflect: The Value.Pointer and Value.UnsafePointer methods now
support values of kind String.
* reflect: The new methods Value.Seq and Value.Seq2 return
sequences that iterate over the value as though it were used in
a for/range loop. The new methods Type.CanSeq and Type.CanSeq2
report whether calling Value.Seq and Value.Seq2, respectively,
will succeed without panicking.
* runtime/debug: The SetCrashOutput function allows the user to
specify an alternate file to which the runtime should write its
fatal crash report. It may be used to construct an automated
reporting mechanism for all unexpected crashes, not just those
in goroutines that explicitly use recover.
* runtime/pprof: The maximum stack depth for alloc, mutex, block,
threadcreate and goroutine profiles has been raised from 32 to
128 frames.
* runtime/trace: The runtime now explicitly flushes trace data
when a program crashes due to an uncaught panic. This means
that more complete trace data will be available in a trace if
the program crashes while tracing is active.
* slices: The Repeat function returns a new slice that repeats
the provided slice the given number of times.
* sync: The Map.Clear method deletes all the entries, resulting
in an empty Map. It is analogous to clear.
* sync/atomic: The new And and Or operators apply a bitwise AND
or OR to the given input, returning the old value.
* syscall: The syscall package now defines WSAENOPROTOOPT on
Windows.
* syscall: The GetsockoptInt function is now supported on
Windows.
* testing/fstest: TestFS now returns a structured error that can
be unwrapped (via method Unwrap() []error). This allows
inspecting errors using errors.Is or errors.As.
* text/template: Templates now support the new 'else with'
action, which reduces template complexity in some use cases.
* time: Parse and ParseInLocation now return an error if the time
zone offset is out of range.
* unicode/utf16: The RuneLen function returns the number of
16-bit words in the UTF-16 encoding of the rune. It returns -1
if the rune is not a valid value to encode in UTF-16.
* Port: Darwin: As announced in the Go 1.22 release notes, Go
1.23 requires macOS 11 Big Sur or later; support for previous
versions has been discontinued.
* Port: Linux: Go 1.23 is the last release that requires Linux
kernel version 2.6.32 or later. Go 1.24 will require Linux
kernel version 3.17 or later, with an exception that systems
running 3.10 or later will continue to be supported if the
kernel has been patched to support the getrandom system call.
* Port: OpenBSD: Go 1.23 adds experimental support for OpenBSD on
64-bit RISC-V (GOOS=openbsd, GOARCH=riscv64).
* Port: ARM64: Go 1.23 introduces a new GOARM64 environment
variable, which specifies the minimum target version of the
ARM64 architecture at compile time. Allowed values are v8.{0-9}
and v9.{0-5}. This may be followed by an option specifying
extensions implemented by target hardware. Valid options are
,lse and ,crypto.
The GOARM64 environment variable defaults to v8.0.
* Port: RISC-V: Go 1.23 introduces a new GORISCV64 environment
variable, which selects the RISC-V user-mode application
profile for which to compile. Allowed values are rva20u64 and
rva22u64.
The GORISCV64 environment variable defaults to rva20u64.
* Port: Wasm: The go_wasip1_wasm_exec script in GOROOT/misc/wasm
has dropped support for versions of wasmtime < 14.0.0.
Patchnames: SUSE-2024-3937,SUSE-SLE-Module-Development-Tools-15-SP6-2024-3937,openSUSE-SLE-15.6-2024-3937
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64 | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x | — | Vendor Fix | |
| Unresolved product id: openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64 | — | Vendor Fix | |
Threats
Impact
moderate
References
17 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.23-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.23-openssl fixes the following issues:\n\nThis update ships go1.23-openssl version 1.23.2.2. (jsc#SLE-18320)\n\n- go1.23.2 (released 2024-10-01) includes fixes to the compiler,\n cgo, the runtime, and the maps, os, os/exec, time, and unique\n packages.\n\n * go#69119 os: double close pidfd if caller uses pidfd updated by os.StartProcess\n * go#69156 maps: segmentation violation in maps.Clone\n * go#69219 cmd/cgo: alignment issue with int128 inside of a struct\n * go#69240 unique: fatal error: found pointer to free object\n * go#69333 runtime,time: timer.Stop returns false even when no value is read from the channel\n * go#69383 unique: large string still referenced, after interning only a small substring\n * go#69402 os/exec: resource leak on exec failure\n * go#69511 cmd/compile: mysterious crashes and non-determinism with range over func\n\n- Update to version 1.23.1.1 cut from the go1.23-fips-release\n branch at the revision tagged go1.23.1-1-openssl-fips.\n\n * Update to Go 1.23.1 (#238)\n\n- go1.23.1 (released 2024-09-05) includes security fixes to the\n encoding/gob, go/build/constraint, and go/parser packages, as\n well as bug fixes to the compiler, the go command, the runtime,\n and the database/sql, go/types, os, runtime/trace, and unique\n packages.\n\n CVE-2024-34155 CVE-2024-34156 CVE-2024-34158:\n\n - go#69143 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions\n - go#69145 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode\n - go#69149 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse\n - go#68812 os: TestChtimes failures\n - go#68894 go/types: \u0027under\u0027 panics on Alias type\n - go#68905 cmd/compile: error in Go 1.23.0 with generics, type aliases and indexing\n - go#68907 os: CopyFS overwrites existing file in destination.\n - go#68973 cmd/cgo: aix c-archive corrupting 
stack\n - go#68992 unique: panic when calling unique.Make with string casted as any\n - go#68994 cmd/go: any invocation creates read-only telemetry configuration file under GOMODCACHE\n - go#68995 cmd/go: multi-arch build via qemu fails to exec go binary\n - go#69041 database/sql: panic in database/sql.(*connRequestSet).deleteIndex\n - go#69087 runtime/trace: crash during traceAdvance when collecting call stack for cgo-calling goroutine\n - go#69094 cmd/go: breaking change in 1.23rc2 with version constraints in GOPATH mode\n\n- go1.23 (released 2024-08-13) is a major release of Go.\n go1.23.x minor releases will be provided through August 2025.\n https://github.com/golang/go/wiki/Go-Release-Cycle\n go1.23 arrives six months after go1.22. Most of its changes are\n in the implementation of the toolchain, runtime, and libraries.\n As always, the release maintains the Go 1 promise of\n compatibility. We expect almost all Go programs to continue to\n compile and run as before.\n\n * Language change: Go 1.23 makes the (Go 1.22) \u0027range-over-func\u0027\n experiment a part of the language. The \u0027range\u0027 clause in a\n \u0027for-range\u0027 loop now accepts iterator functions of the\n following types:\n func(func() bool)\n func(func(K) bool)\n func(func(K, V) bool)\n as range expressions. Calls of the iterator argument function\n produce the iteration values for the \u0027for-range\u0027 loop. For\n details see the iter package documentation and the language\n spec. For motivation see the 2022 \u0027range-over-func\u0027 discussion.\n * Language change: Go 1.23 includes preview support for generic\n type aliases. Building the toolchain with\n GOEXPERIMENT=aliastypeparams enables this feature within a\n package. 
(Using generic alias types across package boundaries\n is not yet supported.)\n * Opt-in Telemetry: Starting in Go 1.23, the Go toolchain can\n collect usage and breakage statistics that help the Go team\n understand how the Go toolchain is used and how well it is\n working. We refer to these statistics as Go telemetry.\n Go telemetry is an opt-in system, controlled by the go\n telemetry command. By default, the toolchain programs collect\n statistics in counter files that can be inspected locally but\n are otherwise unused (go telemetry local).\n To help us keep Go working well and understand Go usage, please\n consider opting in to Go telemetry by running go telemetry\n on. In that mode, anonymous counter reports are uploaded to\n telemetry.go.dev weekly, where they are aggregated into graphs\n and also made available for download by any Go contributors or\n users wanting to analyze the data. See \u0027Go Telemetry\u0027 for more\n details about the Go Telemetry system.\n * go command: Setting the GOROOT_FINAL environment variable no\n longer has an effect (#62047). Distributions that install the\n go command to a location other than $GOROOT/bin/go should\n install a symlink instead of relocating or copying the go\n binary.\n * go command: The new go env -changed flag causes the command to\n print only those settings whose effective value differs from\n the default value that would be obtained in an empty\n environment with no prior uses of the -w flag.\n * go command: The new go mod tidy -diff flag causes the command\n not to modify the files but instead print the necessary changes\n as a unified diff. It exits with a non-zero code if updates are\n needed.\n * go command: The go list -m -json command now includes new Sum\n and GoModSum fields. 
This is similar to the existing behavior\n of the go mod download -json command.\n * go command: The new godebug directive in go.mod and go.work\n declares a GODEBUG setting to apply for the work module or\n workspace in use.\n * go vet: The go vet subcommand now includes the stdversion\n analyzer, which flags references to symbols that are too new\n for the version of Go in effect in the referring file. (The\n effective version is determined by the go directive in the\n file\u0027s enclosing go.mod file, and by any //go:build constraints\n in the file.)\n For example, it will report a diagnostic for a reference to the\n reflect.TypeFor function (introduced in go1.22) from a file in\n a module whose go.mod file specifies go 1.21.\n * cgo: cmd/cgo supports the new -ldflags flag for passing flags\n to the C linker. The go command uses it automatically, avoiding\n \u0027argument list too long\u0027 errors with a very large CGO_LDFLAGS.\n * go trace: The trace tool now better tolerates partially broken\n traces by attempting to recover what trace data it can. This\n functionality is particularly helpful when viewing a trace that\n was collected during a program crash, since the trace data\n leading up to the crash will now be recoverable under most\n circumstances.\n * Runtime: The traceback printed by the runtime after an\n unhandled panic or other fatal error now indents the second and\n subsequent lines of the error message (for example, the\n argument to panic) by a single tab, so that it can be\n unambiguously distinguished from the stack trace of the first\n goroutine. See go#64590 for discussion.\n * Compiler: The build time overhead to building with Profile\n Guided Optimization has been reduced significantly. Previously,\n large builds could see 100%+ build time increase from enabling\n PGO. 
In Go 1.23, overhead should be in the single digit\n percentages.\n * Compiler: The compiler in Go 1.23 can now overlap the stack\n frame slots of local variables accessed in disjoint regions of\n a function, which reduces stack usage for Go applications.\n * Compiler: For 386 and amd64, the compiler will use information\n from PGO to align certain hot blocks in loops. This improves\n performance an additional 1-1.5% at a cost of an additional\n 0.1% text and binary size. This is currently only implemented\n on 386 and amd64 because it has not shown an improvement on\n other platforms. Hot block alignment can be disabled with\n -gcflags=[\u003cpackages\u003e=]-d=alignhot=0.\n * Linker: The linker now disallows using a //go:linkname\n directive to refer to internal symbols in the standard library\n (including the runtime) that are not marked with //go:linkname\n on their definitions. Similarly, the linker disallows\n references to such symbols from assembly code. For backward\n compatibility, existing usages of //go:linkname found in a\n large open-source code corpus remain supported. Any new\n references to standard library internal symbols will be\n disallowed.\n * Linker: A linker command line flag -checklinkname=0 can be used\n to disable this check, for debugging and experimenting\n purposes.\n * Linker: When building a dynamically linked ELF binary\n (including PIE binary), the new -bindnow flag enables immediate\n function binding.\n * Standard library changes:\n * timer: 1.23 makes two significant changes to the implementation\n of time.Timer and time.Ticker.\n First, Timers and Tickers that are no longer referred to by the\n program become eligible for garbage collection immediately,\n even if their Stop methods have not been called. Earlier\n versions of Go did not collect unstopped Timers until after\n they had fired and never collected unstopped Tickers.\n Second, the timer channel associated with a Timer or Ticker is\n now unbuffered, with capacity 0. 
The main effect of this change\n is that Go now guarantees that for any call to a Reset or Stop\n method, no stale values prepared before that call will be sent\n or received after the call. Earlier versions of Go used\n channels with a one-element buffer, making it difficult to use\n Reset and Stop correctly. A visible effect of this change is\n that len and cap of timer channels now returns 0 instead of 1,\n which may affect programs that poll the length to decide\n whether a receive on the timer channel will succeed. Such code\n should use a non-blocking receive instead.\n These new behaviors are only enabled when the main Go program\n is in a module with a go.mod go line using Go 1.23.0 or\n later. When Go 1.23 builds older programs, the old behaviors\n remain in effect. The new GODEBUG setting asynctimerchan=1 can\n be used to revert back to asynchronous channel behaviors even\n when a program names Go 1.23.0 or later in its go.mod file.\n * unique: The new unique package provides facilities for\n canonicalizing values (like \u0027interning\u0027 or \u0027hash-consing\u0027).\n Any value of comparable type may be canonicalized with the new\n Make[T] function, which produces a reference to a canonical\n copy of the value in the form of a Handle[T]. Two Handle[T] are\n equal if and only if the values used to produce the handles are\n equal, allowing programs to deduplicate values and reduce their\n memory footprint. 
Comparing two Handle[T] values is efficient,\n reducing down to a simple pointer comparison.\n * iter: The new iter package provides the basic definitions for\n working with user-defined iterators.\n * slices: The slices package adds several functions that work\n with iterators:\n - All returns an iterator over slice indexes and values.\n - Values returns an iterator over slice elements.\n - Backward returns an iterator that loops over a slice backward.\n - Collect collects values from an iterator into a new slice.\n - AppendSeq appends values from an iterator to an existing slice.\n - Sorted collects values from an iterator into a new slice, and then sorts the slice.\n - SortedFunc is like Sorted but with a comparison function.\n - SortedStableFunc is like SortFunc but uses a stable sort algorithm.\n - Chunk returns an iterator over consecutive sub-slices of up to n elements of a slice.\n * maps: The maps package adds several functions that work with\n iterators:\n - All returns an iterator over key-value pairs from a map.\n - Keys returns an iterator over keys in a map.\n - Values returns an iterator over values in a map.\n - Insert adds the key-value pairs from an iterator to an existing map.\n - Collect collects key-value pairs from an iterator into a new map and returns it.\n * structs: The new structs package provides types for struct\n fields that modify properties of the containing struct type\n such as memory layout.\n In this release, the only such type is HostLayout which\n indicates that a structure with a field of that type has a\n layout that conforms to host platform expectations.\n * Minor changes to the standard library: As always, there are\n various minor changes and updates to the library, made with the\n Go 1 promise of compatibility in mind.\n * archive/tar: If the argument to FileInfoHeader implements the\n new FileInfoNames interface, then the interface methods will be\n used to set the Uname/Gname of the file header. 
This allows\n applications to override the system-dependent Uname/Gname\n lookup.\n * crypto/tls: The TLS client now supports the Encrypted Client\n Hello draft specification. This feature can be enabled by\n setting the Config.EncryptedClientHelloConfigList field to an\n encoded ECHConfigList for the host that is being connected to.\n * crypto/tls: The QUICConn type used by QUIC implementations\n includes new events reporting on the state of session\n resumption, and provides a way for the QUIC layer to add data\n to session tickets and session cache entries.\n * crypto/tls: 3DES cipher suites were removed from the default\n list used when Config.CipherSuites is nil. The default can be\n reverted by adding tls3des=1 to the GODEBUG environment\n variable.\n * crypto/tls: The experimental post-quantum key exchange\n mechanism X25519Kyber768Draft00 is now enabled by default when\n Config.CurvePreferences is nil. The default can be reverted by\n adding tlskyber=0 to the GODEBUG environment variable.\n * crypto/tls: Go 1.23 changed the behavior of X509KeyPair and\n LoadX509KeyPair to populate the Certificate.Leaf field of the\n returned Certificate. The new x509keypairleaf GODEBUG setting\n is added for this behavior.\n * crypto/x509: CreateCertificateRequest now correctly supports\n RSA-PSS signature algorithms.\n * crypto/x509: CreateCertificateRequest and CreateRevocationList\n now verify the generated signature using the signer\u0027s public\n key. If the signature is invalid, an error is returned. This\n has been the behavior of CreateCertificate since Go 1.16.\n * crypto/x509: The x509sha1 GODEBUG setting will be removed in\n the next Go major release (Go 1.24). This will mean that\n crypto/x509 will no longer support verifying signatures on\n certificates that use SHA-1 based signature algorithms.\n * crypto/x509: The new ParseOID function parses a dot-encoded\n ASN.1 Object Identifier string. 
The OID type now implements the\n encoding.BinaryMarshaler, encoding.BinaryUnmarshaler,\n encoding.TextMarshaler, encoding.TextUnmarshaler interfaces.\n database/sql\n * crypto/x509: Errors returned by driver.Valuer implementations\n are now wrapped for improved error handling during operations\n like DB.Query, DB.Exec, and DB.QueryRow.\n * debug/elf: The debug/elf package now defines\n PT_OPENBSD_NOBTCFI. This ProgType is used to disable Branch\n Tracking Control Flow Integrity (BTCFI) enforcement on OpenBSD\n binaries.\n * debug/elf: Now defines the symbol type constants STT_RELC,\n STT_SRELC, and STT_GNU_IFUNC.\n * encoding/binary The new Encode and Decode functions are byte\n slice equivalents to Read and Write. Append allows marshaling\n multiple data into the same byte slice.\n * go/ast: The new Preorder function returns a convenient iterator\n over all the nodes of a syntax tree.\n * go/types: The Func type, which represents a function or method\n symbol, now has a Func.Signature method that returns the\n function\u0027s type, which is always a Signature.\n * go/types: The Alias type now has an Rhs method that returns the\n type on the right-hand side of its declaration: given type A =\n B, the Rhs of A is B. (go#66559)\n * go/types: The methods Alias.Origin, Alias.SetTypeParams,\n Alias.TypeParams, and Alias.TypeArgs have been added. They are\n needed for generic alias types.\n * go/types: By default, go/types now produces Alias type nodes\n for type aliases. This behavior can be controlled by the\n GODEBUG gotypesalias flag. Its default has changed from 0 in Go\n 1.22 to 1 in Go 1.23.\n * math/rand/v2: The Uint function and Rand.Uint method have been\n added. 
They were inadvertently left out of Go 1.22.\n * math/rand/v2: The new ChaCha8.Read method implements the\n io.Reader interface.\n * net: The new type KeepAliveConfig permits fine-tuning the\n keep-alive options for TCP connections, via a new\n TCPConn.SetKeepAliveConfig method and new KeepAliveConfig\n fields for Dialer and ListenConfig.\n * net: The DNSError type now wraps errors caused by timeouts or\n cancellation. For example, errors.Is(someDNSErr,\n context.DeadlineExceedeed) will now report whether a DNS error\n was caused by a timeout.\n * net: The new GODEBUG setting netedns0=0 disables sending EDNS0\n additional headers on DNS requests, as they reportedly break\n the DNS server on some modems.\n * net/http: Cookie now preserves double quotes surrounding a\n cookie value. The new Cookie.Quoted field indicates whether the\n Cookie.Value was originally quoted.\n * net/http: The new Request.CookiesNamed method retrieves all\n cookies that match the given name.\n * net/http: The new Cookie.Partitioned field identifies cookies\n with the Partitioned attribute.\n * net/http: The patterns used by ServeMux now allow one or more\n spaces or tabs after the method name. Previously, only a single\n space was permitted.\n * net/http: The new ParseCookie function parses a Cookie header\n value and returns all the cookies which were set in it. Since\n the same cookie name can appear multiple times the returned\n Values can contain more than one value for a given key.\n * net/http: The new ParseSetCookie function parses a Set-Cookie\n header value and returns a cookie. It returns an error on\n syntax error.\n * net/http: ServeContent, ServeFile, and ServeFileFS now remove\n the Cache-Control, Content-Encoding, Etag, and Last-Modified\n headers when serving an error. 
These headers usually apply to\n the non-error content, but not to the text of errors.\n * net/http: Middleware which wraps a ResponseWriter and applies\n on-the-fly encoding, such as Content-Encoding: gzip, will not\n function after this change. The previous behavior of\n ServeContent, ServeFile, and ServeFileFS may be restored by\n setting GODEBUG=httpservecontentkeepheaders=1.\n Note that middleware which changes the size of the served\n content (such as by compressing it) already does not function\n properly when ServeContent handles a Range request. On-the-fly\n compression should use the Transfer-Encoding header instead of\n Content-Encoding.\n * net/http: For inbound requests, the new Request.Pattern field\n contains the ServeMux pattern (if any) that matched the\n request. This field is not set when GODEBUG=httpmuxgo121=1 is\n set.\n * net/http/httptest: The new NewRequestWithContext method creates\n an incoming request with a context.Context.\n * net/netip: In Go 1.22 and earlier, using reflect.DeepEqual to\n compare an Addr holding an IPv4 address to one holding the\n IPv4-mapped IPv6 form of that address incorrectly returned\n true, even though the Addr values were different when comparing\n with == or Addr.Compare. This bug is now fixed and all three\n approaches now report the same result.\n * os: The Stat function now sets the ModeSocket bit for files\n that are Unix sockets on Windows. These files are identified by\n having a reparse tag set to IO_REPARSE_TAG_AF_UNIX.\n * os: On Windows, the mode bits reported by Lstat and Stat for\n reparse points changed. Mount points no longer have ModeSymlink\n set, and reparse points that are not symlinks, Unix sockets, or\n dedup files now always have ModeIrregular set. This behavior is\n controlled by the winsymlink setting. For Go 1.23, it defaults\n to winsymlink=1. 
Previous versions default to winsymlink=0.\n * os: The CopyFS function copies an io/fs.FS into the local\n filesystem.\n * os: On Windows, Readlink no longer tries to normalize volumes\n to drive letters, which was not always even possible. This\n behavior is controlled by the winreadlinkvolume setting. For Go\n 1.23, it defaults to winreadlinkvolume=1. Previous versions\n default to winreadlinkvolume=0.\n * os: On Linux with pidfd support (generally Linux v5.4+),\n Process-related functions and methods use pidfd (rather than\n PID) internally, eliminating potential mistargeting when a PID\n is reused by the OS. Pidfd support is fully transparent to a\n user, except for additional process file descriptors that a\n process may have.\n * path/filepath: The new Localize function safely converts a\n slash-separated path into an operating system path.\n * path/filepath: On Windows, EvalSymlinks no longer evaluates\n mount points, which was a source of many inconsistencies and\n bugs. This behavior is controlled by the winsymlink\n setting. For Go 1.23, it defaults to winsymlink=1. Previous\n versions default to winsymlink=0.\n * path/filepath: On Windows, EvalSymlinks no longer tries to\n normalize volumes to drive letters, which was not always even\n possible. This behavior is controlled by the winreadlinkvolume\n setting. For Go 1.23, it defaults to\n winreadlinkvolume=1. Previous versions default to\n winreadlinkvolume=0.\n * reflect: The new methods synonymous with the methods of the\n same name in Value are added to Type:\n - Type.OverflowComplex\n - Type.OverflowFloat\n - Type.OverflowInt\n - Type.OverflowUint\n * reflect: The new SliceAt function is analogous to NewAt, but\n for slices.\n * reflect: The Value.Pointer and Value.UnsafePointer methods now\n support values of kind String.\n * reflect: The new methods Value.Seq and Value.Seq2 return\n sequences that iterate over the value as though it were used in\n a for/range loop. 
The new methods Type.CanSeq and Type.CanSeq2\n report whether calling Value.Seq and Value.Seq2, respectively,\n will succeed without panicking.\n * runtime/debug: The SetCrashOutput function allows the user to\n specify an alternate file to which the runtime should write its\n fatal crash report. It may be used to construct an automated\n reporting mechanism for all unexpected crashes, not just those\n in goroutines that explicitly use recover.\n * runtime/pprof: The maximum stack depth for alloc, mutex, block,\n threadcreate and goroutine profiles has been raised from 32 to\n 128 frames.\n * runtime/trace: The runtime now explicitly flushes trace data\n when a program crashes due to an uncaught panic. This means\n that more complete trace data will be available in a trace if\n the program crashes while tracing is active.\n * slices: The Repeat function returns a new slice that repeats\n the provided slice the given number of times.\n * sync: The Map.Clear method deletes all the entries, resulting\n in an empty Map. It is analogous to clear.\n * sync/atomic: The new And and Or operators apply a bitwise AND\n or OR to the given input, returning the old value.\n * syscall: The syscall package now defines WSAENOPROTOOPT on\n Windows.\n * syscall: The GetsockoptInt function is now supported on\n Windows.\n * testing/fstest: TestFS now returns a structured error that can\n be unwrapped (via method Unwrap() []error). This allows\n inspecting errors using errors.Is or errors.As.\n * text/template: Templates now support the new \u0027else with\u0027\n action, which reduces template complexity in some use cases.\n * time: Parse and ParseInLocation now return an error if the time\n zone offset is out of range.\n * unicode/utf16: The RuneLen function returns the number of\n 16-bit words in the UTF-16 encoding of the rune. 
It returns -1\n if the rune is not a valid value to encode in UTF-16.\n * Port: Darwin: As announced in the Go 1.22 release notes, Go\n 1.23 requires macOS 11 Big Sur or later; support for previous\n versions has been discontinued.\n * Port: Linux: Go 1.23 is the last release that requires Linux\n kernel version 2.6.32 or later. Go 1.24 will require Linux\n kernel version 3.17 or later, with an exception that systems\n running 3.10 or later will continue to be supported if the\n kernel has been patched to support the getrandom system call.\n * Port: OpenBSD: Go 1.23 adds experimental support for OpenBSD on\n 64-bit RISC-V (GOOS=openbsd, GOARCH=riscv64).\n * Port: ARM64: Go 1.23 introduces a new GOARM64 environment\n variable, which specifies the minimum target version of the\n ARM64 architecture at compile time. Allowed values are v8.{0-9}\n and v9.{0-5}. This may be followed by an option specifying\n extensions implemented by target hardware. Valid options are\n ,lse and ,crypto.\n The GOARM64 environment variable defaults to v8.0.\n * Port: RISC-V: Go 1.23 introduces a new GORISCV64 environment\n variable, which selects the RISC-V user-mode application\n profile for which to compile. Allowed values are rva20u64 and\n rva22u64.\n The GORISCV64 environment variable defaults to rva20u64.\n * Port: Wasm: The go_wasip1_wasm_exec script in GOROOT/misc/wasm\n has dropped support for versions of wasmtime \u003c 14.0.0.\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3937,SUSE-SLE-Module-Development-Tools-15-SP6-2024-3937,openSUSE-SLE-15.6-2024-3937",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3937-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3937-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243937-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3937-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019792.html"
},
{
"category": "self",
"summary": "SUSE Bug 1229122",
"url": "https://bugzilla.suse.com/1229122"
},
{
"category": "self",
"summary": "SUSE Bug 1230252",
"url": "https://bugzilla.suse.com/1230252"
},
{
"category": "self",
"summary": "SUSE Bug 1230253",
"url": "https://bugzilla.suse.com/1230253"
},
{
"category": "self",
"summary": "SUSE Bug 1230254",
"url": "https://bugzilla.suse.com/1230254"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34155 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34156 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34158 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34158/"
}
],
"title": "Security update for go1.23-openssl",
"tracking": {
"current_release_date": "2024-11-07T10:08:07Z",
"generator": {
"date": "2024-11-07T10:08:07Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3937-1",
"initial_release_date": "2024-11-07T10:08:07Z",
"revision_history": [
{
"date": "2024-11-07T10:08:07Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"product": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"product_id": "go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"product_id": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"product": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"product_id": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.i586",
"product": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.i586",
"product_id": "go1.23-openssl-1.23.2.2-150600.13.3.1.i586"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.i586",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.i586",
"product_id": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"product": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"product_id": "go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"product_id": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"product": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"product_id": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"product": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"product_id": "go1.23-openssl-1.23.2.2-150600.13.3.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"product_id": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"product": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"product_id": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"product": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"product_id": "go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"product": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"product_id": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"product": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"product_id": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64"
},
"product_reference": "go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x"
},
"product_reference": "go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64"
},
"product_reference": "go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64"
},
"product_reference": "go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
},
"product_reference": "go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34155"
}
],
"notes": [
{
"category": "general",
"text": "Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34155",
"url": "https://www.suse.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "SUSE Bug 1230252 for CVE-2024-34155",
"url": "https://bugzilla.suse.com/1230252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-34155"
},
{
"cve": "CVE-2024-34156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34156"
}
],
"notes": [
{
"category": "general",
"text": "Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34156",
"url": "https://www.suse.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "SUSE Bug 1230253 for CVE-2024-34156",
"url": "https://bugzilla.suse.com/1230253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-34156"
},
{
"cve": "CVE-2024-34158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34158"
}
],
"notes": [
{
"category": "general",
"text": "Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34158",
"url": "https://www.suse.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "SUSE Bug 1230254 for CVE-2024-34158",
"url": "https://bugzilla.suse.com/1230254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-doc-1.23.2.2-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.23-openssl-race-1.23.2.2-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:07Z",
"details": "moderate"
}
],
"title": "CVE-2024-34158"
}
]
}
SUSE-SU-2024:3938-1
Vulnerability from csaf_suse - Published: 2024-11-07 10:08 - Updated: 2024-11-07 10:08
Summary
Security update for go1.22-openssl
Severity
Important
Notes
Title of the patch: Security update for go1.22-openssl
Description of the patch: This update for go1.22-openssl fixes the following issues:
This update ships go1.22-openssl 1.22.7.1 (jsc#SLE-18320)
- Update to version 1.22.7.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.7-1-openssl-fips.
* Update to Go 1.22.7 (#229)
- go1.22.7 (released 2024-09-05) includes security fixes to the
encoding/gob, go/build/constraint, and go/parser packages, as
well as bug fixes to the fix command and the runtime.
CVE-2024-34155 CVE-2024-34156 CVE-2024-34158:
- go#69142 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions (CVE-2024-34155)
- go#69144 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode (CVE-2024-34156)
- go#69148 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse (CVE-2024-34158)
- go#68811 os: TestChtimes failures
- go#68825 cmd/fix: fails to run on modules whose go directive value is in '1.n.m' format introduced in Go 1.21.0
- go#68972 cmd/cgo: aix c-archive corrupting stack
- go1.22.6 (released 2024-08-06) includes fixes to the go command,
the compiler, the linker, the trace command, the covdata command,
and the bytes, go/types, and os/exec packages.
* go#68594 cmd/compile: internal compiler error with zero-size types
* go#68546 cmd/trace/v2: pprof profiles always empty
* go#68492 cmd/covdata: too many open files due to defer f.Close() in for loop
* go#68475 bytes: IndexByte can return -4294967295 when memory usage is above 2^31 on js/wasm
* go#68370 go/types: assertion failure in recent range statement checking logic
* go#68331 os/exec: modifications to Path ignored when *Cmd is created using Command with an absolute path on Windows
* go#68230 cmd/compile: inconsistent integer arithmetic result on Go 1.22+arm64 with/without -race
* go#68222 cmd/go: list with -export and -covermode=atomic fails to build
* go#68198 cmd/link: issues with Xcode 16 beta
- Update to version 1.22.5.3 cut from the go1.22-fips-release
branch at the revision tagged go1.22.5-3-openssl-fips.
* Only load openssl if fips == '1'
Avoid loading openssl whenever GOLANG_FIPS is not 1.
Previously only an unset variable would cause the library load
to be skipped, but users may also expect to be able to set eg.
GOLANG_FIPS=0 in environments without openssl.
- Update to version 1.22.5.2 cut from the go1.22-fips-release
branch at the revision tagged go1.22.5-2-openssl-fips.
* Only load OpenSSL when in FIPS mode
- Update to version 1.22.5.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.5-1-openssl-fips.
* Update to go1.22.5
- go1.22.5 (released 2024-07-02) includes security fixes to the
net/http package, as well as bug fixes to the compiler, cgo, the
go command, the linker, the runtime, and the crypto/tls,
go/types, net, net/http, and os/exec packages.
CVE-2024-24791:
* go#68200 go#67555 bsc#1227314 security: fix CVE-2024-24791 net/http: expect: 100-continue handling is broken in various ways
* go#65983 cmd/compile: hash of unhashable type
* go#65994 crypto/tls: segfault when calling tlsrsakex.IncNonDefault()
* go#66598 os/exec: calling Cmd.Start after setting Cmd.Path manually to absolute path without '.exe' no longer implicitly adds '.exe' in Go 1.22
* go#67298 runtime: 'fatal: morestack on g0' on amd64 after upgrade to Go 1.21, stale bounds
* go#67715 cmd/cgo/internal/swig,cmd/go,x/build: swig cgo tests incompatible with C++ toolchain on builders
* go#67798 cmd/compile: internal compiler error: unexpected type: <nil> (<nil>) in for-range
* go#67820 cmd/compile: package-level variable initialization with constant dependencies doesn't match order specified in Go spec
* go#67850 go/internal/gccgoimporter: go building failing with gcc 14.1.0
* go#67934 net: go DNS resolver fails to connect to local DNS server
* go#67945 cmd/link: using -fuzz with test that links with cgo on darwin causes linker failure
* go#68052 cmd/go: go list -u -m all fails loading module retractions: module requires go >= 1.N+1 (running go 1.N)
* go#68122 cmd/link: runtime.mach_vm_region_trampoline: unsupported dynamic relocation for symbol libc_mach_task_self_ (type=29 (R_GOTPCREL) stype=46 (SDYNIMPORT))
- Update to version 1.22.4.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.4-1-openssl-fips.
* Update to go1.22.4
- go1.22.4 (released 2024-06-04) includes security fixes to the
archive/zip and net/netip packages, as well as bug fixes to the
compiler, the go command, the linker, the runtime, and the os
package.
CVE-2024-24789 CVE-2024-24790:
* go#67554 go#66869 bsc#1225973 security: fix CVE-2024-24789 archive/zip: EOCDR comment length handling is inconsistent with other ZIP implementations
* go#67682 go#67680 bsc#1225974 security: fix CVE-2024-24790 net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses
* go#67188 runtime/metrics: /memory/classes/heap/unused:bytes spikes
* go#67212 cmd/compile: SIGBUS unaligned access on mips64 via qemu-mips64
* go#67236 cmd/go: mod tidy reports toolchain not available with 'go 1.21'
* go#67258 runtime: unexpected fault address 0
* go#67311 cmd/go: TestScript/gotoolchain_issue66175 fails on tip locally
* go#67314 cmd/go,cmd/link: TestScript/build_issue48319 and TestScript/build_plugin_reproducible failing on LUCI gotip-darwin-amd64-longtest builder due to non-reproducible LC_UUID
* go#67352 crypto/x509: TestPlatformVerifier failures on Windows due to broken connections
* go#67460 cmd/compile: internal compiler error: panic with range over integer value
* go#67527 cmd/link: panic: machorelocsect: size mismatch
* go#67650 runtime: SIGSEGV after performing clone(CLONE_PARENT) via C constructor prior to runtime start
* go#67696 os: RemoveAll susceptible to symlink race
- Update to version 1.22.3.3 cut from the go1.22-fips-release
branch at the revision tagged go1.22.3-3-openssl-fips.
* config: update openssl backend (#201)
- Update to version 1.22.3.2 cut from the go1.22-fips-release
branch at the revision tagged go1.22.3-2-openssl-fips.
* patches: restore signature of HashSign/HashVerify (#199)
- Update to version 1.22.3.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.3-1-openssl-fips.
* Update to go1.22.3
* fix: rename patch file
* Backport change https://go-review.googlesource.com/c/go/+/554615 to Go1.22 (#193)
runtime: crash asap and extend total sleep time for slow machine in test
Running with few threads usually does not need 500ms to crash, so let it
crash as soon as possible. While the test may take more time on a slow
machine, try to expand the sleep time in the test.
* cmd/go: re-enable CGO for Go toolchain commands (#190)
* crypto/ecdsa: Restore HashSign and HashVerify (#189)
- go1.22.3 (released 2024-05-07) includes security fixes to the go
command and the net package, as well as bug fixes to the
compiler, the runtime, and the net/http package.
CVE-2024-24787 CVE-2024-24788:
* go#67122 go#67119 bsc#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin
* go#67040 go#66754 bsc#1224018 security: fix CVE-2024-24788 net: high cpu usage in extractExtendedRCode
* go#67018 cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le
* go#67017 cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE
* go#66886 runtime: deterministic fallback hashes across process boundary
* go#66698 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net@v0.23.0
- Update to version 1.22.2.1 cut from the go1.22-fips-release
branch at the revision tagged go1.22.2-1-openssl-fips.
* Update to go1.22.2
- go1.22.2 (released 2024-04-03) includes a security fix to the
net/http package, as well as bug fixes to the compiler, the go
command, the linker, and the encoding/gob, go/types, net/http,
and runtime/trace packages.
CVE-2023-45288:
* go#66298 go#65051 bsc#1221400 security: fix CVE-2023-45288 net/http, x/net/http2: close connections when receiving too many headers
* go#65858 cmd/compile: unreachable panic with GODEBUG=gotypesalias=1
* go#66060 cmd/link: RISC-V external link, failed to find text symbol for HI20 relocation
* go#66076 cmd/compile: out-of-bounds panic with uint32 conversion and modulus operation in Go 1.22.0 on arm64
* go#66134 cmd/compile: go test . results in CLOSURE ... <unknown line number>: internal compiler error: assertion failed
* go#66137 cmd/go: go 1.22.0: go test throws errors when processing folders not listed in coverpkg argument
* go#66178 cmd/compile: ICE: panic: interface conversion: ir.Node is *ir.ConvExpr, not *ir.IndexExpr
* go#66201 runtime/trace: v2 traces contain an incorrect timestamp scaling factor on Windows
* go#66255 net/http: http2 round tripper nil pointer dereference causes panic causing deadlock
* go#66256 cmd/go: git shallow fetches broken at CL 556358
* go#66273 crypto/x509: Certificate no longer encodable using encoding/gob in Go1.22
* go#66412 cmd/link: bad carrier sym for symbol runtime.elf_savegpr0.args_stackmap on ppc64le
- Update to version 1.22.1.2 cut from the go1.22-fips-release
branch at the revision tagged go1.22.1-2-openssl-fips.
* config: Update openssl v2 module (#178)
- Remove subpackage go1.x-openssl-libstd for compiled shared object
libstd.so.
* Continue to build experimental libstd only on go1.x Tumbleweed.
* Removal fixes build errors on go1.x-openssl Factory and ALP.
* Use of libstd.so is experimental and not recommended for
general use, Go currently has no ABI.
* Feature go build -buildmode=shared is deprecated by upstream,
but not yet removed.
- Initial package go1.22-openssl version 1.22.1.1 cut from the
go1.22-fips-release branch at the revision tagged
go1.22.1-1-openssl-fips.
* Go upstream merged branch dev.boringcrypto in go1.19+.
* In go1.x enable BoringCrypto via GOEXPERIMENT=boringcrypto.
* In go1.x-openssl enable FIPS mode (or boring mode as the
package is named) either via an environment variable
GOLANG_FIPS=1 or by virtue of booting the host in FIPS mode.
* When the operating system is operating in FIPS mode, Go
applications which import crypto/tls/fipsonly limit operations
to the FIPS ciphersuite.
* go1.x-openssl is delivered as two large patches to go1.x
applying necessary modifications from the golang-fips/go GitHub
project for the Go crypto library to use OpenSSL as the
external cryptographic library in a FIPS compliant way.
* go1.x-openssl modifies the crypto/* packages to use OpenSSL for
cryptographic operations.
* go1.x-openssl uses dlopen() to call into OpenSSL.
* SUSE RPM packaging introduces a fourth version digit go1.x.y.z
corresponding to the golang-fips/go patchset tagged revision.
* Patchset improvements can be updated independently of upstream
Go maintenance releases.
- go1.22.1 (released 2024-03-05) includes security fixes to the
crypto/x509, html/template, net/http, net/http/cookiejar, and
net/mail packages, as well as bug fixes to the compiler, the go
command, the runtime, the trace command, and the go/types and
net/http packages.
CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785:
* go#65831 go#65390 bsc#1220999 security: fix CVE-2024-24783 crypto/x509: Verify panics on certificates with an unknown public key algorithm
* go#65849 go#65083 bsc#1221002 security: fix CVE-2024-24784 net/mail: comments in display names are incorrectly handled
* go#65850 go#65383 bsc#1221001 security: fix CVE-2023-45290 net/http: memory exhaustion in Request.ParseMultipartForm
* go#65859 go#65065 bsc#1221000 security: fix CVE-2023-45289 net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect
* go#65969 go#65697 bsc#1221003 security: fix CVE-2024-24785 html/template: errors returned from MarshalJSON methods may break template escaping
* go#65352 cmd/go: go generate fails silently when run on a package in a nested workspace module
* go#65471 internal/testenv: TestHasGoBuild failures on the LUCI noopt builders
* go#65474 internal/testenv: support LUCI mobile builders in testenv tests
* go#65577 cmd/trace/v2: goroutine analysis page doesn't identify goroutines consistently
* go#65618 cmd/compile: Go 1.22 build fails with 1.21 PGO profile on internal/saferio change
* go#65619 cmd/compile: Go 1.22 changes support for modules that declare go 1.0
* go#65641 cmd/cgo/internal/testsanitizers,x/build: LUCI clang15 builders failing
* go#65644 runtime: crash in race detector when execution tracer reads from CPU profile buffer
* go#65728 go/types: nil pointer dereference in Alias.Underlying()
* go#65759 net/http: context cancellation can leave HTTP client with deadlocked HTTP/1.1 connections in Go1.22
* go#65760 runtime: Go 1.22.0 fails to build from source on armv7 Alpine Linux
* go#65818 runtime: go1.22.0 test with -race will SIGSEGV or SIGBUS or Bad Pointer
* go#65852 cmd/go: 'missing ziphash' error with go.work
* go#65883 runtime: scheduler sometimes starves a runnable goroutine on wasm platforms
* bsc#1219988 ensure VERSION file is present in GOROOT
as required by go tool dist and go tool distpack
- go1.22 (released 2024-02-06) is a major release of Go.
go1.22.x minor releases will be provided through February 2024.
https://github.com/golang/go/wiki/Go-Release-Cycle
go1.22 arrives six months after go1.21. Most of its changes are
in the implementation of the toolchain, runtime, and libraries.
As always, the release maintains the Go 1 promise of
compatibility. We expect almost all Go programs to continue to
compile and run as before.
* Language change: go1.22 makes two changes to for loops.
Previously, the variables declared by a for loop were created
once and updated by each iteration. In go1.22, each iteration
of the loop creates new variables, to avoid accidental sharing
bugs. The transition support tooling described in the proposal
continues to work in the same way it did in Go 1.21.
* Language change: For loops may now range over integers
* Language change: go1.22 includes a preview of a language change
we are considering for a future version of Go:
range-over-function iterators. Building with
GOEXPERIMENT=rangefunc enables this feature.
* go command: Commands in workspaces can now use a vendor
directory containing the dependencies of the workspace. The
directory is created by go work vendor, and used by build
commands when the -mod flag is set to vendor, which is the
default when a workspace vendor directory is present. Note
that the vendor directory's contents for a workspace are
different from those of a single module: if the directory at
the root of a workspace also contains one of the modules in the
workspace, its vendor directory can contain the dependencies of
either the workspace or of the module, but not both.
* go get is no longer supported outside of a module in the legacy
GOPATH mode (that is, with GO111MODULE=off). Other build
commands, such as go build and go test, will continue to work
indefinitely for legacy GOPATH programs.
* go mod init no longer attempts to import module requirements
from configuration files for other vendoring tools (such as
Gopkg.lock).
* go test -cover now prints coverage summaries for covered
packages that do not have their own test files. Prior to Go
1.22 a go test -cover run for such a package would report
'? mymod/mypack [no test files]'; now with go1.22, functions in
the package are treated as uncovered: 'mymod/mypack coverage:
0.0% of statements'. Note that if a package contains no
executable code at all, we can't report a meaningful coverage
percentage; for such packages the go tool will continue to
report that there are no test files.
* trace: The trace tool's web UI has been gently refreshed as
part of the work to support the new tracer, resolving several
issues and improving the readability of various sub-pages. The
web UI now supports exploring traces in a thread-oriented
view. The trace viewer also now displays the full duration of
all system calls. These improvements only apply for viewing
traces produced by programs built with go1.22 or newer. A
future release will bring some of these improvements to traces
produced by older versions of Go.
* vet: References to loop variables The behavior of the vet tool
has changed to match the new semantics (see above) of loop
variables in go1.22. When analyzing a file that requires go1.22
or newer (due to its go.mod file or a per-file build
constraint), vet no longer reports references to loop
variables from within a function literal that might outlive the
iteration of the loop. In Go 1.22, loop variables are created
anew for each iteration, so such references are no longer at
risk of using a variable after it has been updated by the loop.
* vet: New warnings for missing values after append The vet tool
now reports calls to append that pass no values to be appended
to the slice, such as slice = append(slice). Such a statement
has no effect, and experience has shown that is nearly always a
mistake.
* vet: New warnings for deferring time.Since The vet tool now
reports a non-deferred call to time.Since(t) within a defer
statement. This is equivalent to calling time.Now().Sub(t)
before the defer statement, not when the deferred function is
called. In nearly all cases, the correct code requires
deferring the time.Since call.
* vet: New warnings for mismatched key-value pairs in log/slog
calls The vet tool now reports invalid arguments in calls to
functions and methods in the structured logging package,
log/slog, that accept alternating key/value pairs. It reports
calls where an argument in a key position is neither a string
nor a slog.Attr, and where a final key is missing its value.
* runtime: The runtime now keeps type-based garbage collection
metadata nearer to each heap object, improving the CPU
performance (latency or throughput) of Go programs by
1-3%. This change also reduces the memory overhead of the
majority of Go programs by approximately 1% by deduplicating
redundant metadata. Some programs may see a smaller improvement
because this change adjusts the size class boundaries of the
memory allocator, so some objects may be moved up a size class.
A consequence of this change is that some objects' addresses
that were previously always aligned to a 16 byte (or higher)
boundary will now only be aligned to an 8 byte boundary. Some
programs that use assembly instructions that require memory
addresses to be more than 8-byte aligned and rely on the memory
allocator's previous alignment behavior may break, but we
expect such programs to be rare. Such programs may be built
with GOEXPERIMENT=noallocheaders to revert to the old metadata
layout and restore the previous alignment behavior, but package
owners should update their assembly code to avoid the alignment
assumption, as this workaround will be removed in a future
release.
* runtime: On the windows/amd64 port, programs linking or loading
Go libraries built with -buildmode=c-archive or
-buildmode=c-shared can now use the SetUnhandledExceptionFilter
Win32 function to catch exceptions not handled by the Go
runtime. Note that this was already supported on the
windows/386 port.
* compiler: Profile-guided Optimization (PGO) builds can now
devirtualize a higher proportion of calls than previously
possible. Most programs from a representative set of Go
programs now see between 2 and 14% improvement from enabling
PGO.
* compiler: The compiler now interleaves devirtualization and
inlining, so interface method calls are better optimized.
* compiler: go1.22 also includes a preview of an enhanced
implementation of the compiler's inlining phase that uses
heuristics to boost inlinability at call sites deemed
'important' (for example, in loops) and discourage inlining at
call sites deemed 'unimportant' (for example, on panic
paths). Building with GOEXPERIMENT=newinliner enables the new
call-site heuristics; see issue #61502 for more info and to
provide feedback.
* linker: The linker's -s and -w flags now behave more
consistently across all platforms. The -w flag suppresses DWARF
debug information generation. The -s flag suppresses symbol
table generation. The -s flag also implies the -w flag, which
can be negated with -w=0. That is, -s -w=0 will generate a
binary with DWARF debug information generation but without the
symbol table.
* linker: On ELF platforms, the -B linker flag now accepts a
special form: with -B gobuildid, the linker will generate a GNU
build ID (the ELF NT_GNU_BUILD_ID note) derived from the Go
build ID.
* linker: On Windows, when building with -linkmode=internal, the
linker now preserves SEH information from C object files by
copying the .pdata and .xdata sections into the final
binary. This helps with debugging and profiling binaries using
native tools, such as WinDbg. Note that until now, C functions'
SEH exception handlers were not being honored, so this change
may cause some programs to behave differently.
-linkmode=external is not affected by this change, as external
linkers already preserve SEH information.
* bootstrap: As mentioned in the Go 1.20 release notes, go1.22
now requires the final point release of Go 1.20 or later for
bootstrap. We expect that Go 1.24 will require the final point
release of go1.22 or later for bootstrap.
* core library: New math/rand/v2 package: go1.22 includes the
first “v2” package in the standard library, math/rand/v2. The
changes compared to math/rand are detailed in proposal
go#61716. The most important changes are:
- The Read method, deprecated in math/rand, was not carried
forward for math/rand/v2. (It remains available in
math/rand.) The vast majority of calls to Read should use
crypto/rand’s Read instead. Otherwise a custom Read can be
constructed using the Uint64 method.
- The global generator accessed by top-level functions is
unconditionally randomly seeded. Because the API guarantees
no fixed sequence of results, optimizations like per-thread
random generator states are now possible.
- The Source interface now has a single Uint64 method; there is
no Source64 interface.
- Many methods now use faster algorithms that were not possible
to adopt in math/rand because they changed the output
streams.
- The Intn, Int31, Int31n, Int63, and Int64n top-level
functions and methods from math/rand are spelled more
idiomatically in math/rand/v2: IntN, Int32, Int32N, Int64,
and Int64N. There are also new top-level functions and
methods Uint32, Uint32N, Uint64, Uint64N, Uint, and UintN.
- The new generic function N is like Int64N or Uint64N but
works for any integer type. For example a random duration
from 0 up to 5 minutes is rand.N(5*time.Minute).
- The Mitchell & Reeds LFSR generator provided by math/rand’s
Source has been replaced by two more modern pseudo-random
generator sources: ChaCha8 and PCG. ChaCha8 is a new,
cryptographically strong random number generator roughly
similar to PCG in efficiency. ChaCha8 is the algorithm used
for the top-level functions in math/rand/v2. As of go1.22,
math/rand's top-level functions (when not explicitly seeded)
and the Go runtime also use ChaCha8 for randomness.
- We plan to include an API migration tool in a future release,
likely Go 1.23.
* core library: New go/version package: The new go/version
package implements functions for validating and comparing Go
version strings.
* core library: Enhanced routing patterns: HTTP routing in the
standard library is now more expressive. The patterns used by
net/http.ServeMux have been enhanced to accept methods and
wildcards. This change breaks backwards compatibility in small
ways, some obvious—patterns with '{' and '}' behave
differently— and some less so—treatment of escaped paths has
been improved. The change is controlled by a GODEBUG field
named httpmuxgo121. Set httpmuxgo121=1 to restore the old
behavior.
* Minor changes to the library As always, there are various minor
changes and updates to the library, made with the Go 1 promise
of compatibility in mind. There are also various performance
improvements, not enumerated here.
* archive/tar: The new method Writer.AddFS adds all of the files
from an fs.FS to the archive.
* archive/zip: The new method Writer.AddFS adds all of the files
from an fs.FS to the archive.
* bufio: When a SplitFunc returns ErrFinalToken with a nil token,
Scanner will now stop immediately. Previously, it would report
a final empty token before stopping, which was usually not
desired. Callers that do want to report a final empty token can
do so by returning []byte{} rather than nil.
* cmp: The new function Or returns the first in a sequence of
values that is not the zero value.
* crypto/tls: ConnectionState.ExportKeyingMaterial will now
return an error unless TLS 1.3 is in use, or the
extended_master_secret extension is supported by both the
server and client. crypto/tls has supported this extension
since Go 1.20. This can be disabled with the tlsunsafeekm=1
GODEBUG setting.
* crypto/tls: By default, the minimum version offered by
crypto/tls servers is now TLS 1.2 if not specified with
config.MinimumVersion, matching the behavior of crypto/tls
clients. This change can be reverted with the tls10server=1
GODEBUG setting.
* crypto/tls: By default, cipher suites without ECDHE support are
no longer offered by either clients or servers during pre-TLS
1.3 handshakes. This change can be reverted with the
tlsrsakex=1 GODEBUG setting.
* crypto/x509: The new CertPool.AddCertWithConstraint method can
be used to add customized constraints to root certificates to
be applied during chain building.
* crypto/x509: On Android, root certificates will now be loaded
from /data/misc/keychain/certs-added as well as
/system/etc/security/cacerts.
* crypto/x509: A new type, OID, supports ASN.1 Object Identifiers
with individual components larger than 31 bits. A new field
which uses this type, Policies, is added to the Certificate
struct, and is now populated during parsing. Any OIDs which
cannot be represented using an asn1.ObjectIdentifier will appear
in Policies, but not in the old PolicyIdentifiers field. When
calling CreateCertificate, the Policies field is ignored, and
policies are taken from the PolicyIdentifiers field. Using the
x509usepolicies=1 GODEBUG setting inverts this, populating
certificate policies from the Policies field, and ignoring the
PolicyIdentifiers field. We may change the default value of
x509usepolicies in Go 1.23, making Policies the default field
for marshaling.
* database/sql: The new Null[T] type provides a way to scan
nullable columns for any column types.
* debug/elf: Constant R_MIPS_PC32 is defined for use with MIPS64
systems. Additional R_LARCH_* constants are defined for use
with LoongArch systems.
* encoding: The new methods AppendEncode and AppendDecode added
to each of the Encoding types in the packages encoding/base32,
encoding/base64, and encoding/hex simplify encoding and
decoding from and to byte slices by taking care of byte slice
buffer management.
* encoding: The methods base32.Encoding.WithPadding and
base64.Encoding.WithPadding now panic if the padding argument
is a negative value other than NoPadding.
* encoding/json: Marshaling and encoding functionality now
escapes '\b' and '\f' characters as \b and \f instead of \u0008
and \u000c.
* go/ast: The following declarations related to syntactic
identifier resolution are now deprecated: Ident.Obj, Object,
Scope, File.Scope, File.Unresolved, Importer, Package,
NewPackage. In general, identifiers cannot be accurately
resolved without type information. Consider, for example, the
identifier K in T{K: ''}: it could be the name of a local
variable if T is a map type, or the name of a field if T is a
struct type. New programs should use the go/types package to
resolve identifiers; see Object, Info.Uses, and Info.Defs for
details.
* go/ast: The new ast.Unparen function removes any enclosing
parentheses from an expression.
* go/types: The new Alias type represents type
aliases. Previously, type aliases were not represented
explicitly, so a reference to a type alias was equivalent to
spelling out the aliased type, and the name of the alias was
lost. The new representation retains the intermediate
Alias. This enables improved error reporting (the name of a
type alias can be reported), and allows for better handling of
cyclic type declarations involving type aliases. In a future
release, Alias types will also carry type parameter
information. The new function Unalias returns the actual type
denoted by an Alias type (or any other Type for that matter).
* go/types: Because Alias types may break existing type switches
that do not know to check for them, this functionality is
controlled by a GODEBUG field named gotypesalias. With
gotypesalias=0, everything behaves as before, and Alias types
are never created. With gotypesalias=1, Alias types are created
and clients must expect them. The default is gotypesalias=0. In
a future release, the default will be changed to
gotypesalias=1. Clients of go/types are urged to adjust their
code as soon as possible to work with gotypesalias=1 to
eliminate problems early.
* go/types: The Info struct now exports the FileVersions map
which provides per-file Go version information.
* go/types: The new helper method PkgNameOf returns the local
package name for the given import declaration.
* go/types: The implementation of SizesFor has been adjusted to
compute the same type sizes as the compiler when the compiler
argument for SizesFor is "gc". The default Sizes implementation
used by the type checker is now types.SizesFor("gc", "amd64").
* go/types: The start position (Pos) of the lexical environment
block (Scope) that represents a function body has changed: it
used to start at the opening curly brace of the function body,
but now starts at the function's func token.
* html/template: JavaScript template literals may now contain Go
template actions, and parsing a template containing one will no
longer return ErrJSTemplate. Similarly the GODEBUG setting
jstmpllitinterp no longer has any effect.
* io: The new SectionReader.Outer method returns the ReaderAt,
offset, and size passed to NewSectionReader.
* log/slog: The new SetLogLoggerLevel function controls the level
for the bridge between the `slog` and `log` packages. It sets
the minimum level for calls to the top-level `slog` logging
functions, and it sets the level for calls to `log.Logger` that
go through `slog`.
* math/big: The new method Rat.FloatPrec computes the number of
fractional decimal digits required to represent a rational
number accurately as a floating-point number, and whether
accurate decimal representation is possible in the first place.
* net: When io.Copy copies from a TCPConn to a UnixConn, it will
now use Linux's splice(2) system call if possible, using the
new method TCPConn.WriteTo.
* net: The Go DNS Resolver, used when building with
'-tags=netgo', now searches for a matching name in the Windows
hosts file, located at %SystemRoot%\System32\drivers\etc\hosts,
before making a DNS query.
* net/http: The new functions ServeFileFS, FileServerFS, and
NewFileTransportFS are versions of the existing ServeFile,
FileServer, and NewFileTransport, operating on an fs.FS.
* net/http: The HTTP server and client now reject requests and
responses containing an invalid empty Content-Length
header. The previous behavior may be restored by setting
GODEBUG field httplaxcontentlength=1.
* net/http: The new method Request.PathValue returns path
wildcard values from a request and the new method
Request.SetPathValue sets path wildcard values on a request.
* net/http/cgi: When executing a CGI process, the PATH_INFO
variable is now always set to the empty string or a value
starting with a / character, as required by RFC 3875. It was
previously possible for some combinations of Handler.Root and
request URL to violate this requirement.
* net/netip: The new AddrPort.Compare method compares two
AddrPorts.
* os: On Windows, the Stat function now follows all reparse
points that link to another named entity in the system. It was
previously only following IO_REPARSE_TAG_SYMLINK and
IO_REPARSE_TAG_MOUNT_POINT reparse points.
* os: On Windows, passing O_SYNC to OpenFile now causes write
operations to go directly to disk, equivalent to O_SYNC on Unix
platforms.
* os: On Windows, the ReadDir, File.ReadDir, File.Readdir, and
File.Readdirnames functions now read directory entries in
batches to reduce the number of system calls, improving
performance up to 30%.
* os: When io.Copy copies from a File to a net.UnixConn, it will
now use Linux's sendfile(2) system call if possible, using the
new method File.WriteTo.
* os/exec: On Windows, LookPath now ignores empty entries
in %PATH%, and returns ErrNotFound (instead of ErrNotExist)
if no executable file extension is found to resolve an
otherwise-unambiguous name.
* os/exec: On Windows, Command and Cmd.Start no longer call
LookPath if the path to the executable is already absolute and
has an executable file extension. In addition, Cmd.Start no
longer writes the resolved extension back to the Path field, so
it is now safe to call the String method concurrently with a
call to Start.
* reflect: The Value.IsZero method will now return true for a
floating-point or complex negative zero, and will return true
for a struct value if a blank field (a field named _) somehow
has a non-zero value. These changes make IsZero consistent with
comparing a value to zero using the language == operator.
* reflect: The PtrTo function is deprecated, in favor of
PointerTo.
* reflect: The new function TypeFor returns the Type that
represents the type argument T. Previously, to get the
reflect.Type value for a type, one had to use
reflect.TypeOf((*T)(nil)).Elem(). This may now be written as
reflect.TypeFor[T]().
* runtime/metrics: Four new histogram metrics
/sched/pauses/stopping/gc:seconds,
/sched/pauses/stopping/other:seconds,
/sched/pauses/total/gc:seconds, and
/sched/pauses/total/other:seconds provide additional details
about stop-the-world pauses. The 'stopping' metrics report the
time taken from deciding to stop the world until all goroutines
are stopped. The 'total' metrics report the time taken from
deciding to stop the world until it is started again.
* runtime/metrics: The /gc/pauses:seconds metric is deprecated,
as it is equivalent to the new /sched/pauses/total/gc:seconds
metric.
* runtime/metrics: /sync/mutex/wait/total:seconds now includes
contention on runtime-internal locks in addition to sync.Mutex
and sync.RWMutex.
* runtime/pprof: Mutex profiles now scale contention by the
number of goroutines blocked on the mutex. This provides a more
accurate representation of the degree to which a mutex is a
bottleneck in a Go program. For instance, if 100 goroutines are
blocked on a mutex for 10 milliseconds, a mutex profile will
now record 1 second of delay instead of 10 milliseconds of
delay.
* runtime/pprof: Mutex profiles also now include contention on
runtime-internal locks in addition to sync.Mutex and
sync.RWMutex. Contention on runtime-internal locks is always
reported at runtime._LostContendedRuntimeLock. A future release
will add complete stack traces in these cases.
* runtime/pprof: CPU profiles on Darwin platforms now contain the
process's memory map, enabling the disassembly view in the
pprof tool.
* runtime/trace: The execution tracer has been completely
overhauled in this release, resolving several long-standing
issues and paving the way for new use-cases for execution
traces.
* runtime/trace: Execution traces now use the operating system's
clock on most platforms (Windows excluded) so it is possible to
correlate them with traces produced by lower-level
components. Execution traces no longer depend on the
reliability of the platform's clock to produce a correct
trace. Execution traces are now partitioned regularly
on-the-fly and as a result may be processed in a streamable
way. Execution traces now contain complete durations for all
system calls. Execution traces now contain information about
the operating system threads that goroutines executed on. The
latency impact of starting and stopping execution traces has
been dramatically reduced. Execution traces may now begin or
end during the garbage collection mark phase.
* runtime/trace: To allow Go developers to take advantage of
these improvements, an experimental trace reading package is
available at golang.org/x/exp/trace. Note that this package
only works on traces produced by programs built with go1.22 at
the moment. Please try out the package and provide feedback on
the corresponding proposal issue.
* runtime/trace: If you experience any issues with the new
execution tracer implementation, you may switch back to the old
implementation by building your Go program with
GOEXPERIMENT=noexectracer2. If you do, please file an issue,
otherwise this option will be removed in a future release.
* slices: The new function Concat concatenates multiple slices.
* slices: Functions that shrink the size of a slice (Delete,
DeleteFunc, Compact, CompactFunc, and Replace) now zero the
elements between the new length and the old length.
* slices: Insert now always panics if the argument i is out of
range. Previously it did not panic in this situation if there
were no elements to be inserted.
* syscall: The syscall package has been frozen since Go 1.4 and
was marked as deprecated in Go 1.11, causing many editors to
warn about any use of the package. However, some non-deprecated
functionality requires use of the syscall package, such as the
os/exec.Cmd.SysProcAttr field. To avoid unnecessary complaints
on such code, the syscall package is no longer marked as
deprecated. The package remains frozen to most new
functionality, and new code remains encouraged to use
golang.org/x/sys/unix or golang.org/x/sys/windows where
possible.
* syscall: On Linux, the new SysProcAttr.PidFD field allows
obtaining a PID FD when starting a child process via
StartProcess or os/exec.
* syscall: On Windows, passing O_SYNC to Open now causes write
operations to go directly to disk, equivalent to O_SYNC on Unix
platforms.
* testing/slogtest: The new Run function uses sub-tests to run
test cases, providing finer-grained control.
* Ports: Darwin: On macOS on 64-bit x86 architecture (the
darwin/amd64 port), the Go toolchain now generates
position-independent executables (PIE) by default. Non-PIE
binaries can be generated by specifying the -buildmode=exe
build flag. On 64-bit ARM-based macOS (the darwin/arm64 port),
the Go toolchain already generates PIE by default. go1.22 is
the last release that will run on macOS 10.15 Catalina. Go 1.23
will require macOS 11 Big Sur or later.
* Ports: Arm: The GOARM environment variable now allows you to
select whether to use software or hardware floating
point. Previously, valid GOARM values were 5, 6, or 7. Now
those same values can be optionally followed by ,softfloat or
,hardfloat to select the floating-point implementation. This
new option defaults to softfloat for version 5 and hardfloat
for versions 6 and 7.
* Ports: Loong64: The loong64 port now supports passing function
arguments and results using registers. The linux/loong64 port
now supports the address sanitizer, memory sanitizer, new-style
linker relocations, and the plugin build mode.
* Ports: OpenBSD: go1.22 adds an experimental port to OpenBSD on
big-endian 64-bit PowerPC (openbsd/ppc64).
Patchnames: SUSE-2024-3938,SUSE-SLE-Module-Development-Tools-15-SP6-2024-3938,openSUSE-SLE-15.6-2024-3938
Terms of use: CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
5.3 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — | | Vendor Fix |
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — | | Vendor Fix |
Threats
Impact
moderate
7.5 (High)
Affected products
Recommended
24 products
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
Threats
Impact
important
7.5 (High)
Affected products
Recommended
24 products
Threats
Impact
important
6.4 (Medium)
Affected products
Recommended
24 products
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.2 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
6.5 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
5.9 (Medium)
Affected products
Recommended
24 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 | — |
Vendor Fix
|
Threats
Impact
moderate
References
62 references
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for go1.22-openssl",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for go1.22-openssl fixes the following issues:\n\nThis update ships go1.22-openssl 1.22.7.1 (jsc#SLE-18320)\n\n- Update to version 1.22.7.1 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.7-1-openssl-fips.\n\n * Update to Go 1.22.7 (#229)\n\n- go1.22.7 (released 2024-09-05) includes security fixes to the\n encoding/gob, go/build/constraint, and go/parser packages, as\n well as bug fixes to the fix command and the runtime.\n\n CVE-2024-34155 CVE-2024-34156 CVE-2024-34158:\n - go#69142 go#69138 bsc#1230252 security: fix CVE-2024-34155 go/parser: stack exhaustion in all Parse* functions (CVE-2024-34155)\n - go#69144 go#69139 bsc#1230253 security: fix CVE-2024-34156 encoding/gob: stack exhaustion in Decoder.Decode (CVE-2024-34156)\n - go#69148 go#69141 bsc#1230254 security: fix CVE-2024-34158 go/build/constraint: stack exhaustion in Parse (CVE-2024-34158)\n - go#68811 os: TestChtimes failures\n - go#68825 cmd/fix: fails to run on modules whose go directive value is in \u00271.n.m\u0027 format introduced in Go 1.21.0\n - go#68972 cmd/cgo: aix c-archive corrupting stack\n\n- go1.22.6 (released 2024-08-06) includes fixes to the go command,\n the compiler, the linker, the trace command, the covdata command,\n and the bytes, go/types, and os/exec packages.\n\n * go#68594 cmd/compile: internal compiler error with zero-size types\n * go#68546 cmd/trace/v2: pprof profiles always empty\n * go#68492 cmd/covdata: too many open files due to defer f.Close() in for loop\n * go#68475 bytes: IndexByte can return -4294967295 when memory usage is above 2^31 on js/wasm\n * go#68370 go/types: assertion failure in recent range statement checking logic\n * go#68331 os/exec: modifications to Path ignored when *Cmd is created using Command with an absolute path on Windows\n * go#68230 cmd/compile: inconsistent integer arithmetic result on Go 1.22+arm64 with/without -race\n * go#68222 cmd/go: list with -export and -covermode=atomic fails to build\n 
* go#68198 cmd/link: issues with Xcode 16 beta\n\n- Update to version 1.22.5.3 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.5-3-openssl-fips.\n\n * Only load openssl if fips == \u00271\u0027\n Avoid loading openssl whenever GOLANG_FIPS is not 1.\n Previously only an unset variable would cause the library load\n to be skipped, but users may also expect to be able to set eg.\n GOLANG_FIPS=0 in environments without openssl.\n\n- Update to version 1.22.5.2 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.5-2-openssl-fips.\n\n * Only load OpenSSL when in FIPS mode\n\n- Update to version 1.22.5.1 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.5-1-openssl-fips.\n\n * Update to go1.22.5\n\n- go1.22.5 (released 2024-07-02) includes security fixes to the\n net/http package, as well as bug fixes to the compiler, cgo, the\n go command, the linker, the runtime, and the crypto/tls,\n go/types, net, net/http, and os/exec packages.\n\n CVE-2024-24791:\n * go#68200 go#67555 bsc#1227314 security: fix CVE CVE-2024-24791 net/http: expect: 100-continue handling is broken in various ways\n * go#65983 cmd/compile: hash of unhashable type\n * go#65994 crypto/tls: segfault when calling tlsrsakex.IncNonDefault()\n * go#66598 os/exec: calling Cmd.Start after setting Cmd.Path manually to absolute path without \u0027.exe\u0027 no longer implicitly adds \u0027.exe\u0027 in Go 1.22\n * go#67298 runtime: \u0027fatal: morestack on g0\u0027 on amd64 after upgrade to Go 1.21, stale bounds\n * go#67715 cmd/cgo/internal/swig,cmd/go,x/build: swig cgo tests incompatible with C++ toolchain on builders\n * go#67798 cmd/compile: internal compiler error: unexpected type: \u003cnil\u003e (\u003cnil\u003e) in for-range\n * go#67820 cmd/compile: package-level variable initialization with constant dependencies doesn\u0027t match order specified in Go spec\n * go#67850 go/internal/gccgoimporter: go building failing with gcc 14.1.0\n * 
go#67934 net: go DNS resolver fails to connect to local DNS server\n * go#67945 cmd/link: using -fuzz with test that links with cgo on darwin causes linker failure\n * go#68052 cmd/go: go list -u -m all fails loading module retractions: module requires go \u003e= 1.N+1 (running go 1.N)\n * go#68122 cmd/link: runtime.mach_vm_region_trampoline: unsupported dynamic relocation for symbol libc_mach_task_self_ (type=29 (R_GOTPCREL) stype=46 (SDYNIMPORT))\n\n- Update to version 1.22.4.1 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.4-1-openssl-fips.\n\n * Update to go1.22.4\n\n- go1.22.4 (released 2024-06-04) includes security fixes to the\n archive/zip and net/netip packages, as well as bug fixes to the\n compiler, the go command, the linker, the runtime, and the os\n package.\n\n CVE-2024-24789 CVE-2024-24790:\n * go#67554 go#66869 bsc#1225973 security: fix CVE-2024-24789 archive/zip: EOCDR comment length handling is inconsistent with other ZIP implementations\n * go#67682 go#67680 bsc#1225974 security: fix CVE-2024-24790 net/netip: unexpected behavior from Is methods for IPv4-mapped IPv6 addresses\n * go#67188 runtime/metrics: /memory/classes/heap/unused:bytes spikes\n * go#67212 cmd/compile: SIGBUS unaligned access on mips64 via qemu-mips64\n * go#67236 cmd/go: mod tidy reports toolchain not available with \u0027go 1.21\u0027\n * go#67258 runtime: unexpected fault address 0\n * go#67311 cmd/go: TestScript/gotoolchain_issue66175 fails on tip locally\n * go#67314 cmd/go,cmd/link: TestScript/build_issue48319 and TestScript/build_plugin_reproducible failing on LUCI gotip-darwin-amd64-longtest builder due to non-reproducible LC_UUID\n * go#67352 crypto/x509: TestPlatformVerifier failures on Windows due to broken connections\n * go#67460 cmd/compile: internal compiler error: panic with range over integer value\n * go#67527 cmd/link: panic: machorelocsect: size mismatch\n * go#67650 runtime: SIGSEGV after performing clone(CLONE_PARENT) via C 
constructor prior to runtime start\n * go#67696 os: RemoveAll susceptible to symlink race\n\n- Update to version 1.22.3.3 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.3-3-openssl-fips.\n\n * config: update openssl backend (#201)\n\n- Update to version 1.22.3.2 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.3-2-openssl-fips.\n\n * patches: restore signature of HashSign/HashVerify (#199)\n\n- Update to version 1.22.3.1 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.3-1-openssl-fips.\n\n * Update to go1.22.3\n * fix: rename patch file\n * Backport change https://go-review.googlesource.com/c/go/+/554615 to Go1.22 (#193)\n runtime: crash asap and extend total sleep time for slow machine in test\n Running with few threads usually does not need 500ms to crash, so let it\n crash as soon as possible. While the test may caused more time on slow\n machine, try to expand the sleep time in test.\n * cmd/go: re-enable CGO for Go toolchain commands (#190)\n * crypto/ecdsa: Restore HashSign and HashVerify (#189)\n\n- go1.22.3 (released 2024-05-07) includes security fixes to the go\n command and the net package, as well as bug fixes to the\n compiler, the runtime, and the net/http package.\n\n CVE-2024-24787 CVE-2024-24788:\n * go#67122 go#67119 bsc#1224017 security: fix CVE-2024-24787 cmd/go: arbitrary code execution during build on darwin\n * go#67040 go#66754 bsc#1224018 security: fix CVE-2024-24788 net: high cpu usage in extractExtendedRCode\n * go#67018 cmd/compile: Go 1.22.x failed to be bootstrapped from 386 to ppc64le\n * go#67017 cmd/compile: changing a hot concrete method to interface method triggers a PGO ICE\n * go#66886 runtime: deterministic fallback hashes across process boundary\n * go#66698 net/http: TestRequestLimit/h2 becomes significantly more expensive and slower after x/net@v0.23.0\n\n- Update to version 1.22.2.1 cut from the go1.22-fips-release\n branch at the revision tagged 
go1.22.2-1-openssl-fips.\n\n * Update to go1.22.2\n\n- go1.22.2 (released 2024-04-03) includes a security fix to the\n net/http package, as well as bug fixes to the compiler, the go\n command, the linker, and the encoding/gob, go/types, net/http,\n and runtime/trace packages.\n\n CVE-2023-45288:\n * go#66298 go#65051 bsc#1221400 security: fix CVE-2023-45288 net/http, x/net/http2: close connections when receiving too many headers\n * go#65858 cmd/compile: unreachable panic with GODEBUG=gotypesalias=1\n * go#66060 cmd/link: RISC-V external link, failed to find text symbol for HI20 relocation\n * go#66076 cmd/compile: out-of-bounds panic with uint32 conversion and modulus operation in Go 1.22.0 on arm64\n * go#66134 cmd/compile: go test . results in CLOSURE ... \u003cunknown line number\u003e: internal compiler error: assertion failed\n * go#66137 cmd/go: go 1.22.0: go test throws errors when processing folders not listed in coverpkg argument\n * go#66178 cmd/compile: ICE: panic: interface conversion: ir.Node is *ir.ConvExpr, not *ir.IndexExpr\n * go#66201 runtime/trace: v2 traces contain an incorrect timestamp scaling factor on Windows\n * go#66255 net/http: http2 round tripper nil pointer dereference causes panic causing deadlock\n * go#66256 cmd/go: git shallow fetches broken at CL 556358\n * go#66273 crypto/x509: Certificate no longer encodable using encoding/gob in Go1.22\n * go#66412 cmd/link: bad carrier sym for symbol runtime.elf_savegpr0.args_stackmap on ppc64le\n\n- Update to version 1.22.1.2 cut from the go1.22-fips-release\n branch at the revision tagged go1.22.1-2-openssl-fips.\n\n * config: Update openssl v2 module (#178)\n\n- Remove subpackage go1.x-openssl-libstd for compiled shared object\n libstd.so.\n\n * Continue to build experimental libstd only on go1.x Tumbleweed.\n * Removal fixes build errors on go1.x-openssl Factory and ALP.\n * Use of libstd.so is experimental and not recommended for\n general use, Go currently has no ABI.\n * Feature go 
build -buildmode=shared is deprecated by upstream,\n but not yet removed.\n\n- Initial package go1.22-openssl version 1.22.1.1 cut from the\n go1.22-fips-release branch at the revision tagged\n go1.22.1-1-openssl-fips.\n\n * Go upstream merged branch dev.boringcrypto in go1.19+.\n * In go1.x enable BoringCrypto via GOEXPERIMENT=boringcrypto.\n * In go1.x-openssl enable FIPS mode (or boring mode as the\n package is named) either via an environment variable\n GOLANG_FIPS=1 or by virtue of booting the host in FIPS mode.\n * When the operating system is operating in FIPS mode, Go\n applications which import crypto/tls/fipsonly limit operations\n to the FIPS ciphersuite.\n * go1.x-openssl is delivered as two large patches to go1.x\n applying necessary modifications from the golang-fips/go GitHub\n project for the Go crypto library to use OpenSSL as the\n external cryptographic library in a FIPS compliant way.\n * go1.x-openssl modifies the crypto/* packages to use OpenSSL for\n cryptographic operations.\n * go1.x-openssl uses dlopen() to call into OpenSSL.\n * SUSE RPM packaging introduces a fourth version digit go1.x.y.z\n corresponding to the golang-fips/go patchset tagged revision.\n * Patchset improvements can be updated independently of upstream\n Go maintenance releases.\n\n- go1.22.1 (released 2024-03-05) includes security fixes to the\n crypto/x509, html/template, net/http, net/http/cookiejar, and\n net/mail packages, as well as bug fixes to the compiler, the go\n command, the runtime, the trace command, and the go/types and\n net/http packages.\n\n CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785:\n * go#65831 go#65390 bsc#1220999 security: fix CVE-2024-24783 crypto/x509: Verify panics on certificates with an unknown public key algorithm\n * go#65849 go#65083 bsc#1221002 security: fix CVE-2024-24784 net/mail: comments in display names are incorrectly handled\n * go#65850 go#65383 bsc#1221001 security: fix CVE-2023-45290 net/http: 
memory exhaustion in Request.ParseMultipartForm\n * go#65859 go#65065 bsc#1221000 security: fix CVE-2023-45289 net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect\n * go#65969 go#65697 bsc#1221003 security: fix CVE-2024-24785 html/template: errors returned from MarshalJSON methods may break template escaping\n * go#65352 cmd/go: go generate fails silently when run on a package in a nested workspace module\n * go#65471 internal/testenv: TestHasGoBuild failures on the LUCI noopt builders\n * go#65474 internal/testenv: support LUCI mobile builders in testenv tests\n * go#65577 cmd/trace/v2: goroutine analysis page doesn\u0027t identify goroutines consistently\n * go#65618 cmd/compile: Go 1.22 build fails with 1.21 PGO profile on internal/saferio change\n * go#65619 cmd/compile: Go 1.22 changes support for modules that declare go 1.0\n * go#65641 cmd/cgo/internal/testsanitizers,x/build: LUCI clang15 builders failing\n * go#65644 runtime: crash in race detector when execution tracer reads from CPU profile buffer\n * go#65728 go/types: nil pointer dereference in Alias.Underlying()\n * go#65759 net/http: context cancellation can leave HTTP client with deadlocked HTTP/1.1 connections in Go1.22\n * go#65760 runtime: Go 1.22.0 fails to build from source on armv7 Alpine Linux\n * go#65818 runtime: go1.22.0 test with -race will SIGSEGV or SIGBUS or Bad Pointer\n * go#65852 cmd/go: \u0027missing ziphash\u0027 error with go.work\n * go#65883 runtime: scheduler sometimes starves a runnable goroutine on wasm platforms\n\n * bsc#1219988 ensure VERSION file is present in GOROOT\n as required by go tool dist and go tool distpack\n\n- go1.22 (released 2024-02-06) is a major release of Go.\n go1.22.x minor releases will be provided through February 2024.\n https://github.com/golang/go/wiki/Go-Release-Cycle\n go1.22 arrives six months after go1.21. 
Most of its changes are\n in the implementation of the toolchain, runtime, and libraries.\n As always, the release maintains the Go 1 promise of\n compatibility. We expect almost all Go programs to continue to\n compile and run as before.\n\n * Language change: go1.22 makes two changes to for loops.\n Previously, the variables declared by a for loop were created\n once and updated by each iteration. In go1.22, each iteration\n of the loop creates new variables, to avoid accidental sharing\n bugs. The transition support tooling described in the proposal\n continues to work in the same way it did in Go 1.21.\n * Language change: For loops may now range over integers\n * Language change: go1.22 includes a preview of a language change\n we are considering for a future version of Go:\n range-over-function iterators. Building with\n GOEXPERIMENT=rangefunc enables this feature.\n * go command: Commands in workspaces can now use a vendor\n directory containing the dependencies of the workspace. The\n directory is created by go work vendor, and used by build\n commands when the -mod flag is set to vendor, which is the\n default when a workspace vendor directory is present. Note\n that the vendor directory\u0027s contents for a workspace are\n different from those of a single module: if the directory at\n the root of a workspace also contains one of the modules in the\n workspace, its vendor directory can contain the dependencies of\n either the workspace or of the module, but not both.\n * go get is no longer supported outside of a module in the legacy\n GOPATH mode (that is, with GO111MODULE=off). Other build\n commands, such as go build and go test, will continue to work\n indefinitely for legacy GOPATH programs.\n * go mod init no longer attempts to import module requirements\n from configuration files for other vendoring tools (such as\n Gopkg.lock).\n * go test -cover now prints coverage summaries for covered\n packages that do not have their own test files. 
Prior to Go\n 1.22 a go test -cover run for such a package would report: ?\n mymod/mypack [no test files] and now with go1.22, functions in\n the package are treated as uncovered: mymod/mypack coverage:\n 0.0% of statements Note that if a package contains no\n executable code at all, we can\u0027t report a meaningful coverage\n percentage; for such packages the go tool will continue to\n report that there are no test files.\n * trace: The trace tool\u0027s web UI has been gently refreshed as\n part of the work to support the new tracer, resolving several\n issues and improving the readability of various sub-pages. The\n web UI now supports exploring traces in a thread-oriented\n view. The trace viewer also now displays the full duration of\n all system calls. These improvements only apply for viewing\n traces produced by programs built with go1.22 or newer. A\n future release will bring some of these improvements to traces\n produced by older version of Go.\n * vet: References to loop variables The behavior of the vet tool\n has changed to match the new semantics (see above) of loop\n variables in go1.22. When analyzing a file that requires go1.22\n or newer (due to its go.mod file or a per-file build\n constraint), vetcode\u003e no longer reports references to loop\n variables from within a function literal that might outlive the\n iteration of the loop. In Go 1.22, loop variables are created\n anew for each iteration, so such references are no longer at\n risk of using a variable after it has been updated by the loop.\n * vet: New warnings for missing values after append The vet tool\n now reports calls to append that pass no values to be appended\n to the slice, such as slice = append(slice). Such a statement\n has no effect, and experience has shown that is nearly always a\n mistake.\n * vet: New warnings for deferring time.Since The vet tool now\n reports a non-deferred call to time.Since(t) within a defer\n statement. 
This is equivalent to calling time.Now().Sub(t)\n before the defer statement, not when the deferred function is\n called. In nearly all cases, the correct code requires\n deferring the time.Since call.\n * vet: New warnings for mismatched key-value pairs in log/slog\n calls The vet tool now reports invalid arguments in calls to\n functions and methods in the structured logging package,\n log/slog, that accept alternating key/value pairs. It reports\n calls where an argument in a key position is neither a string\n nor a slog.Attr, and where a final key is missing its value.\n * runtime: The runtime now keeps type-based garbage collection\n metadata nearer to each heap object, improving the CPU\n performance (latency or throughput) of Go programs by\n 1-3%. This change also reduces the memory overhead of the\n majority Go programs by approximately 1% by deduplicating\n redundant metadata. Some programs may see a smaller improvement\n because this change adjusts the size class boundaries of the\n memory allocator, so some objects may be moved up a size class.\n A consequence of this change is that some objects\u0027 addresses\n that were previously always aligned to a 16 byte (or higher)\n boundary will now only be aligned to an 8 byte boundary. Some\n programs that use assembly instructions that require memory\n addresses to be more than 8-byte aligned and rely on the memory\n allocator\u0027s previous alignment behavior may break, but we\n expect such programs to be rare. 
Such programs may be built\n with GOEXPERIMENT=noallocheaders to revert to the old metadata\n layout and restore the previous alignment behavior, but package\n owners should update their assembly code to avoid the alignment\n assumption, as this workaround will be removed in a future\n release.\n * runtime: On the windows/amd64 port, programs linking or loading\n Go libraries built with -buildmode=c-archive or\n -buildmode=c-shared can now use the SetUnhandledExceptionFilter\n Win32 function to catch exceptions not handled by the Go\n runtime. Note that this was already supported on the\n windows/386 port.\n * compiler: Profile-guided Optimization (PGO) builds can now\n devirtualize a higher proportion of calls than previously\n possible. Most programs from a representative set of Go\n programs now see between 2 and 14% improvement from enabling\n PGO.\n * compiler: The compiler now interleaves devirtualization and\n inlining, so interface method calls are better optimized.\n * compiler: go1.22 also includes a preview of an enhanced\n implementation of the compiler\u0027s inlining phase that uses\n heuristics to boost inlinability at call sites deemed\n \u0027important\u0027 (for example, in loops) and discourage inlining at\n call sites deemed \u0027unimportant\u0027 (for example, on panic\n paths). Building with GOEXPERIMENT=newinliner enables the new\n call-site heuristics; see issue #61502 for more info and to\n provide feedback.\n * linker: The linker\u0027s -s and -w flags are now behave more\n consistently across all platforms. The -w flag suppresses DWARF\n debug information generation. The -s flag suppresses symbol\n table generation. The -s flag also implies the -w flag, which\n can be negated with -w=0. 
That is, -s -w=0 will generate a\n binary with DWARF debug information generation but without the\n symbol table.\n * linker: On ELF platforms, the -B linker flag now accepts a\n special form: with -B gobuildid, the linker will generate a GNU\n build ID (the ELF NT_GNU_BUILD_ID note) derived from the Go\n build ID.\n * linker: On Windows, when building with -linkmode=internal, the\n linker now preserves SEH information from C object files by\n copying the .pdata and .xdata sections into the final\n binary. This helps with debugging and profiling binaries using\n native tools, such as WinDbg. Note that until now, C functions\u0027\n SEH exception handlers were not being honored, so this change\n may cause some programs to behave differently.\n -linkmode=external is not affected by this change, as external\n linkers already preserve SEH information.\n * bootstrap: As mentioned in the Go 1.20 release notes, go1.22\n now requires the final point release of Go 1.20 or later for\n bootstrap. We expect that Go 1.24 will require the final point\n release of go1.22 or later for bootstrap.\n * core library: New math/rand/v2 package: go1.22 includes the\n first \u201cv2\u201d package in the standard library, math/rand/v2. The\n changes compared to math/rand are detailed in proposal\n go#61716. The most important changes are:\n - The Read method, deprecated in math/rand, was not carried\n forward for math/rand/v2. (It remains available in\n math/rand.) The vast majority of calls to Read should use\n crypto/rand\u2019s Read instead. Otherwise a custom Read can be\n constructed using the Uint64 method.\n - The global generator accessed by top-level functions is\n unconditionally randomly seeded. 
Because the API guarantees\n no fixed sequence of results, optimizations like per-thread\n random generator states are now possible.\n - The Source interface now has a single Uint64 method; there is\n no Source64 interface.\n - Many methods now use faster algorithms that were not possible\n to adopt in math/rand because they changed the output\n streams.\n - The Intn, Int31, Int31n, Int63, and Int64n top-level\n functions and methods from math/rand are spelled more\n idiomatically in math/rand/v2: IntN, Int32, Int32N, Int64,\n and Int64N. There are also new top-level functions and\n methods Uint32, Uint32N, Uint64, Uint64N, Uint, and UintN.\n - The new generic function N is like Int64N or Uint64N but\n works for any integer type. For example a random duration\n from 0 up to 5 minutes is rand.N(5*time.Minute).\n - The Mitchell \u0026 Reeds LFSR generator provided by math/rand\u2019s\n Source has been replaced by two more modern pseudo-random\n generator sources: ChaCha8 PCG. ChaCha8 is a new,\n cryptographically strong random number generator roughly\n similar to PCG in efficiency. ChaCha8 is the algorithm used\n for the top-level functions in math/rand/v2. As of go1.22,\n math/rand\u0027s top-level functions (when not explicitly seeded)\n and the Go runtime also use ChaCha8 for randomness.\n - We plan to include an API migration tool in a future release,\n likely Go 1.23.\n * core library: New go/version package: The new go/version\n package implements functions for validating and comparing Go\n version strings.\n * core library: Enhanced routing patterns: HTTP routing in the\n standard library is now more expressive. The patterns used by\n net/http.ServeMux have been enhanced to accept methods and\n wildcards. This change breaks backwards compatibility in small\n ways, some obvious\u2014patterns with \u0027{\u0027 and \u0027}\u0027 behave\n differently\u2014 and some less so\u2014treatment of escaped paths has\n been improved. 
The change is controlled by a GODEBUG field\n named httpmuxgo121. Set httpmuxgo121=1 to restore the old\n behavior.\n * Minor changes to the library As always, there are various minor\n changes and updates to the library, made with the Go 1 promise\n of compatibility in mind. There are also various performance\n improvements, not enumerated here.\n * archive/tar: The new method Writer.AddFS adds all of the files\n from an fs.FS to the archive.\n * archive/zip: The new method Writer.AddFS adds all of the files\n from an fs.FS to the archive.\n * bufio: When a SplitFunc returns ErrFinalToken with a nil token,\n Scanner will now stop immediately. Previously, it would report\n a final empty token before stopping, which was usually not\n desired. Callers that do want to report a final empty token can\n do so by returning []byte{} rather than nil.\n * cmp: The new function Or returns the first in a sequence of\n values that is not the zero value.\n * crypto/tls: ConnectionState.ExportKeyingMaterial will now\n return an error unless TLS 1.3 is in use, or the\n extended_master_secret extension is supported by both the\n server and client. crypto/tls has supported this extension\n since Go 1.20. This can be disabled with the tlsunsafeekm=1\n GODEBUG setting.\n * crypto/tls: By default, the minimum version offered by\n crypto/tls servers is now TLS 1.2 if not specified with\n config.MinimumVersion, matching the behavior of crypto/tls\n clients. This change can be reverted with the tls10server=1\n GODEBUG setting.\n * crypto/tls: By default, cipher suites without ECDHE support are\n no longer offered by either clients or servers during pre-TLS\n 1.3 handshakes. 
This change can be reverted with the\n tlsrsakex=1 GODEBUG setting.\n * crypto/x509: The new CertPool.AddCertWithConstraint method can\n be used to add customized constraints to root certificates to\n be applied during chain building.\n * crypto/x509: On Android, root certificates will now be loaded\n from /data/misc/keychain/certs-added as well as\n /system/etc/security/cacerts.\n * crypto/x509: A new type, OID, supports ASN.1 Object Identifiers\n with individual components larger than 31 bits. A new field\n which uses this type, Policies, is added to the Certificate\n struct, and is now populated during parsing. Any OIDs which\n cannot be represented using a asn1.ObjectIdentifier will appear\n in Policies, but not in the old PolicyIdentifiers field. When\n calling CreateCertificate, the Policies field is ignored, and\n policies are taken from the PolicyIdentifiers field. Using the\n x509usepolicies=1 GODEBUG setting inverts this, populating\n certificate policies from the Policies field, and ignoring the\n PolicyIdentifiers field. We may change the default value of\n x509usepolicies in Go 1.23, making Policies the default field\n for marshaling.\n * database/sql: The new Null[T] type provide a way to scan\n nullable columns for any column types.\n * debug/elf: Constant R_MIPS_PC32 is defined for use with MIPS64\n systems. 
Additional R_LARCH_* constants are defined for use\n with LoongArch systems.\n * encoding: The new methods AppendEncode and AppendDecode added\n to each of the Encoding types in the packages encoding/base32,\n encoding/base64, and encoding/hex simplify encoding and\n decoding from and to byte slices by taking care of byte slice\n buffer management.\n * encoding: The methods base32.Encoding.WithPadding and\n base64.Encoding.WithPadding now panic if the padding argument\n is a negative value other than NoPadding.\n * encoding/json: Marshaling and encoding functionality now\n escapes \u0027\\b\u0027 and \u0027\\f\u0027 characters as \\b and \\f instead of \\u0008\n and \\u000c.\n * go/ast: The following declarations related to syntactic\n identifier resolution are now deprecated: Ident.Obj, Object,\n Scope, File.Scope, File.Unresolved, Importer, Package,\n NewPackage. In general, identifiers cannot be accurately\n resolved without type information. Consider, for example, the\n identifier K in T{K: \u0027\u0027}: it could be the name of a local\n variable if T is a map type, or the name of a field if T is a\n struct type. New programs should use the go/types package to\n resolve identifiers; see Object, Info.Uses, and Info.Defs for\n details.\n * go/ast: The new ast.Unparen function removes any enclosing\n parentheses from an expression.\n * go/types: The new Alias type represents type\n aliases. Previously, type aliases were not represented\n explicitly, so a reference to a type alias was equivalent to\n spelling out the aliased type, and the name of the alias was\n lost. The new representation retains the intermediate\n Alias. This enables improved error reporting (the name of a\n type alias can be reported), and allows for better handling of\n cyclic type declarations involving type aliases. In a future\n release, Alias types will also carry type parameter\n information. 
The new function Unalias returns the actual type\n denoted by an Alias type (or any other Type for that matter).\n * go/types: Because Alias types may break existing type switches\n that do not know to check for them, this functionality is\n controlled by a GODEBUG field named gotypesalias. With\n gotypesalias=0, everything behaves as before, and Alias types\n are never created. With gotypesalias=1, Alias types are created\n and clients must expect them. The default is gotypesalias=0. In\n a future release, the default will be changed to\n gotypesalias=1. Clients of go/types are urged to adjust their\n code as soon as possible to work with gotypesalias=1 to\n eliminate problems early.\n * go/types: The Info struct now exports the FileVersions map\n which provides per-file Go version information.\n * go/types: The new helper method PkgNameOf returns the local\n package name for the given import declaration.\n * go/types: The implementation of SizesFor has been adjusted to\n compute the same type sizes as the compiler when the compiler\n argument for SizesFor is \u0027gc\u0027. The default Sizes implementation\n used by the type checker is now types.SizesFor(\u0027gc\u0027, \u0027amd64\u0027).\n * go/types: The start position (Pos) of the lexical environment\n block (Scope) that represents a function body has changed: it\n used to start at the opening curly brace of the function body,\n but now starts at the function\u0027s func token.\n * html/template: Javascript template literals may now contain Go\n template actions, and parsing a template containing one will no\n longer return ErrJSTemplate. Similarly the GODEBUG setting\n jstmpllitinterp no longer has any effect.\n * io: The new SectionReader.Outer method returns the ReaderAt,\n offset, and size passed to NewSectionReader.\n * log/slog: The new SetLogLoggerLevel function controls the level\n for the bridge between the `slog` and `log` packages. 
It sets\n the minimum level for calls to the top-level `slog` logging\n functions, and it sets the level for calls to `log.Logger` that\n go through `slog`.\n * math/big: The new method Rat.FloatPrec computes the number of\n fractional decimal digits required to represent a rational\n number accurately as a floating-point number, and whether\n accurate decimal representation is possible in the first place.\n * net: When io.Copy copies from a TCPConn to a UnixConn, it will\n now use Linux\u0027s splice(2) system call if possible, using the\n new method TCPConn.WriteTo.\n * net: The Go DNS Resolver, used when building with\n \u0027-tags=netgo\u0027, now searches for a matching name in the Windows\n hosts file, located at %SystemRoot%\\System32\\drivers\\etc\\hosts,\n before making a DNS query.\n * net/http: The new functions ServeFileFS, FileServerFS, and\n NewFileTransportFS are versions of the existing ServeFile,\n FileServer, and NewFileTransport, operating on an fs.FS.\n * net/http: The HTTP server and client now reject requests and\n responses containing an invalid empty Content-Length\n header. The previous behavior may be restored by setting\n GODEBUG field httplaxcontentlength=1.\n * net/http: The new method Request.PathValue returns path\n wildcard values from a request and the new method\n Request.SetPathValue sets path wildcard values on a request.\n * net/http/cgi: When executing a CGI process, the PATH_INFO\n variable is now always set to the empty string or a value\n starting with a / character, as required by RFC 3875. It was\n previously possible for some combinations of Handler.Root and\n request URL to violate this requirement.\n * net/netip: The new AddrPort.Compare method compares two\n AddrPorts.\n * os: On Windows, the Stat function now follows all reparse\n points that link to another named entity in the system. 
It was\n previously only following IO_REPARSE_TAG_SYMLINK and\n IO_REPARSE_TAG_MOUNT_POINT reparse points.\n * os: On Windows, passing O_SYNC to OpenFile now causes write\n operations to go directly to disk, equivalent to O_SYNC on Unix\n platforms.\n * os: On Windows, the ReadDir, File.ReadDir, File.Readdir, and\n File.Readdirnames functions now read directory entries in\n batches to reduce the number of system calls, improving\n performance up to 30%.\n * os: When io.Copy copies from a File to a net.UnixConn, it will\n now use Linux\u0027s sendfile(2) system call if possible, using the\n new method File.WriteTo.\n * os/exec: On Windows, LookPath now ignores empty entries\n in %PATH%, and returns ErrNotFound (instead of ErrNotExist)\n if no executable file extension is found to resolve an\n otherwise-unambiguous name.\n * os/exec: On Windows, Command and Cmd.Start no longer call\n LookPath if the path to the executable is already absolute and\n has an executable file extension. In addition, Cmd.Start no\n longer writes the resolved extension back to the Path field, so\n it is now safe to call the String method concurrently with a\n call to Start.\n * reflect: The Value.IsZero method will now return true for a\n floating-point or complex negative zero, and will return true\n for a struct value if a blank field (a field named _) somehow\n has a non-zero value. These changes make IsZero consistent with\n comparing a value to zero using the language == operator.\n * reflect: The PtrTo function is deprecated, in favor of\n PointerTo.\n * reflect: The new function TypeFor returns the Type that\n represents the type argument T. Previously, to get the\n reflect.Type value for a type, one had to use\n reflect.TypeOf((*T)(nil)).Elem(). 
This may now be written as\n reflect.TypeFor[T]().\n * runtime/metrics: Four new histogram metrics\n /sched/pauses/stopping/gc:seconds,\n /sched/pauses/stopping/other:seconds,\n /sched/pauses/total/gc:seconds, and\n /sched/pauses/total/other:seconds provide additional details\n about stop-the-world pauses. The \u0027stopping\u0027 metrics report the\n time taken from deciding to stop the world until all goroutines\n are stopped. The \u0027total\u0027 metrics report the time taken from\n deciding to stop the world until it is started again.\n * runtime/metrics: The /gc/pauses:seconds metric is deprecated,\n as it is equivalent to the new /sched/pauses/total/gc:seconds\n metric.\n * runtime/metrics: /sync/mutex/wait/total:seconds now includes\n contention on runtime-internal locks in addition to sync.Mutex\n and sync.RWMutex.\n * runtime/pprof: Mutex profiles now scale contention by the\n number of goroutines blocked on the mutex. This provides a more\n accurate representation of the degree to which a mutex is a\n bottleneck in a Go program. For instance, if 100 goroutines are\n blocked on a mutex for 10 milliseconds, a mutex profile will\n now record 1 second of delay instead of 10 milliseconds of\n delay.\n * runtime/pprof: Mutex profiles also now include contention on\n runtime-internal locks in addition to sync.Mutex and\n sync.RWMutex. Contention on runtime-internal locks is always\n reported at runtime._LostContendedRuntimeLock. 
A future release\n will add complete stack traces in these cases.\n * runtime/pprof: CPU profiles on Darwin platforms now contain the\n process\u0027s memory map, enabling the disassembly view in the\n pprof tool.\n * runtime/trace: The execution tracer has been completely\n overhauled in this release, resolving several long-standing\n issues and paving the way for new use-cases for execution\n traces.\n * runtime/trace: Execution traces now use the operating system\u0027s\n clock on most platforms (Windows excluded) so it is possible to\n correlate them with traces produced by lower-level\n components. Execution traces no longer depend on the\n reliability of the platform\u0027s clock to produce a correct\n trace. Execution traces are now partitioned regularly\n on-the-fly and as a result may be processed in a streamable\n way. Execution traces now contain complete durations for all\n system calls. Execution traces now contain information about\n the operating system threads that goroutines executed on. The\n latency impact of starting and stopping execution traces has\n been dramatically reduced. Execution traces may now begin or\n end during the garbage collection mark phase.\n * runtime/trace: To allow Go developers to take advantage of\n these improvements, an experimental trace reading package is\n available at golang.org/x/exp/trace. Note that this package\n only works on traces produced by programs built with go1.22 at\n the moment. Please try out the package and provide feedback on\n the corresponding proposal issue.\n * runtime/trace: If you experience any issues with the new\n execution tracer implementation, you may switch back to the old\n implementation by building your Go program with\n GOEXPERIMENT=noexectracer2. 
If you do, please file an issue,\n otherwise this option will be removed in a future release.\n * slices: The new function Concat concatenates multiple slices.\n * slices: Functions that shrink the size of a slice (Delete,\n DeleteFunc, Compact, CompactFunc, and Replace) now zero the\n elements between the new length and the old length.\n * slices: Insert now always panics if the argument i is out of\n range. Previously it did not panic in this situation if there\n were no elements to be inserted.\n * syscall: The syscall package has been frozen since Go 1.4 and\n was marked as deprecated in Go 1.11, causing many editors to\n warn about any use of the package. However, some non-deprecated\n functionality requires use of the syscall package, such as the\n os/exec.Cmd.SysProcAttr field. To avoid unnecessary complaints\n on such code, the syscall package is no longer marked as\n deprecated. The package remains frozen to most new\n functionality, and new code remains encouraged to use\n golang.org/x/sys/unix or golang.org/x/sys/windows where\n possible.\n * syscall: On Linux, the new SysProcAttr.PidFD field allows\n obtaining a PID FD when starting a child process via\n StartProcess or os/exec.\n * syscall: On Windows, passing O_SYNC to Open now causes write\n operations to go directly to disk, equivalent to O_SYNC on Unix\n platforms.\n * testing/slogtest: The new Run function uses sub-tests to run\n test cases, providing finer-grained control.\n * Ports: Darwin: On macOS on 64-bit x86 architecture (the\n darwin/amd64 port), the Go toolchain now generates\n position-independent executables (PIE) by default. Non-PIE\n binaries can be generated by specifying the -buildmode=exe\n build flag. On 64-bit ARM-based macOS (the darwin/arm64 port),\n the Go toolchain already generates PIE by default. go1.22 is\n the last release that will run on macOS 10.15 Catalina. 
Go 1.23\n will require macOS 11 Big Sur or later.\n * Ports: Arm: The GOARM environment variable now allows you to\n select whether to use software or hardware floating\n point. Previously, valid GOARM values were 5, 6, or 7. Now\n those same values can be optionally followed by ,softfloat or\n ,hardfloat to select the floating-point implementation. This\n new option defaults to softfloat for version 5 and hardfloat\n for versions 6 and 7.\n * Ports: Loong64: The loong64 port now supports passing function\n arguments and results using registers. The linux/loong64 port\n now supports the address sanitizer, memory sanitizer, new-style\n linker relocations, and the plugin build mode.\n * OpenBSD go1.22 adds an experimental port to OpenBSD on\n big-endian 64-bit PowerPC (openbsd/ppc64).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-3938,SUSE-SLE-Module-Development-Tools-15-SP6-2024-3938,openSUSE-SLE-15.6-2024-3938",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_3938-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:3938-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20243938-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:3938-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019791.html"
},
{
"category": "self",
"summary": "SUSE Bug 1218424",
"url": "https://bugzilla.suse.com/1218424"
},
{
"category": "self",
"summary": "SUSE Bug 1219988",
"url": "https://bugzilla.suse.com/1219988"
},
{
"category": "self",
"summary": "SUSE Bug 1220999",
"url": "https://bugzilla.suse.com/1220999"
},
{
"category": "self",
"summary": "SUSE Bug 1221000",
"url": "https://bugzilla.suse.com/1221000"
},
{
"category": "self",
"summary": "SUSE Bug 1221001",
"url": "https://bugzilla.suse.com/1221001"
},
{
"category": "self",
"summary": "SUSE Bug 1221002",
"url": "https://bugzilla.suse.com/1221002"
},
{
"category": "self",
"summary": "SUSE Bug 1221003",
"url": "https://bugzilla.suse.com/1221003"
},
{
"category": "self",
"summary": "SUSE Bug 1221400",
"url": "https://bugzilla.suse.com/1221400"
},
{
"category": "self",
"summary": "SUSE Bug 1224017",
"url": "https://bugzilla.suse.com/1224017"
},
{
"category": "self",
"summary": "SUSE Bug 1224018",
"url": "https://bugzilla.suse.com/1224018"
},
{
"category": "self",
"summary": "SUSE Bug 1225973",
"url": "https://bugzilla.suse.com/1225973"
},
{
"category": "self",
"summary": "SUSE Bug 1225974",
"url": "https://bugzilla.suse.com/1225974"
},
{
"category": "self",
"summary": "SUSE Bug 1227314",
"url": "https://bugzilla.suse.com/1227314"
},
{
"category": "self",
"summary": "SUSE Bug 1230252",
"url": "https://bugzilla.suse.com/1230252"
},
{
"category": "self",
"summary": "SUSE Bug 1230253",
"url": "https://bugzilla.suse.com/1230253"
},
{
"category": "self",
"summary": "SUSE Bug 1230254",
"url": "https://bugzilla.suse.com/1230254"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45288 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45288/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45289 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45289/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-45290 page",
"url": "https://www.suse.com/security/cve/CVE-2023-45290/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24783 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24783/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24784 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24784/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24785 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24785/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24787 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24787/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24788 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24788/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24789 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24789/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24790 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24790/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-24791 page",
"url": "https://www.suse.com/security/cve/CVE-2024-24791/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34155 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34155/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34156 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34156/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-34158 page",
"url": "https://www.suse.com/security/cve/CVE-2024-34158/"
}
],
"title": "Security update for go1.22-openssl",
"tracking": {
"current_release_date": "2024-11-07T10:08:23Z",
"generator": {
"date": "2024-11-07T10:08:23Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:3938-1",
"initial_release_date": "2024-11-07T10:08:23Z",
"revision_history": [
{
"date": "2024-11-07T10:08:23Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"product": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"product_id": "go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"product_id": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"product": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"product_id": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.i586",
"product": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.i586",
"product_id": "go1.22-openssl-1.22.7.1-150600.13.3.1.i586"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.i586",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.i586",
"product_id": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"product": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"product_id": "go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"product_id": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"product": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"product_id": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"product": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"product_id": "go1.22-openssl-1.22.7.1-150600.13.3.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"product_id": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"product": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"product_id": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"product": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"product_id": "go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"product": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"product_id": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"product": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"product_id": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product": {
"name": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-development-tools:15:sp6"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64"
},
"product_reference": "go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x"
},
"product_reference": "go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64"
},
"product_reference": "go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 as component of SUSE Linux Enterprise Module for Development Tools 15 SP6",
"product_id": "SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Development Tools 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64"
},
"product_reference": "go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x"
},
"product_reference": "go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64"
},
"product_reference": "go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64"
},
"product_reference": "go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
},
"product_reference": "go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-45288",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45288"
}
],
"notes": [
{
"category": "general",
"text": "An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request\u0027s headers exceed MaxHeaderBytes, no memory is allocated to store the excess headers, but they are still parsed. This permits an attacker to cause an HTTP/2 endpoint to read arbitrary amounts of header data, all associated with a request which is going to be rejected. These headers can include Huffman-encoded data which is significantly more expensive for the receiver to decode than for an attacker to send. The fix sets a limit on the amount of excess header frames we will process before closing a connection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45288",
"url": "https://www.suse.com/security/cve/CVE-2023-45288"
},
{
"category": "external",
"summary": "SUSE Bug 1221400 for CVE-2023-45288",
"url": "https://bugzilla.suse.com/1221400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "moderate"
}
],
"title": "CVE-2023-45288"
},
{
"cve": "CVE-2023-45289",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45289"
}
],
"notes": [
{
"category": "general",
"text": "When following an HTTP redirect to a domain which is not a subdomain match or exact match of the initial domain, an http.Client does not forward sensitive headers such as \"Authorization\" or \"Cookie\". For example, a redirect from foo.com to www.foo.com will forward the Authorization header, but a redirect to bar.com will not. A maliciously crafted HTTP redirect could cause sensitive headers to be unexpectedly forwarded.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45289",
"url": "https://www.suse.com/security/cve/CVE-2023-45289"
},
{
"category": "external",
"summary": "SUSE Bug 1221000 for CVE-2023-45289",
"url": "https://bugzilla.suse.com/1221000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "important"
}
],
"title": "CVE-2023-45289"
},
{
"cve": "CVE-2023-45290",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-45290"
}
],
"notes": [
{
"category": "general",
"text": "When parsing a multipart form (either explicitly with Request.ParseMultipartForm or implicitly with Request.FormValue, Request.PostFormValue, or Request.FormFile), limits on the total size of the parsed form were not applied to the memory consumed while reading a single form line. This permits a maliciously crafted input containing very long lines to cause allocation of arbitrarily large amounts of memory, potentially leading to memory exhaustion. With fix, the ParseMultipartForm function now correctly limits the maximum size of form lines.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-45290",
"url": "https://www.suse.com/security/cve/CVE-2023-45290"
},
{
"category": "external",
"summary": "SUSE Bug 1221001 for CVE-2023-45290",
"url": "https://bugzilla.suse.com/1221001"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "important"
}
],
"title": "CVE-2023-45290"
},
{
"cve": "CVE-2024-24783",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24783"
}
],
"notes": [
{
"category": "general",
"text": "Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24783",
"url": "https://www.suse.com/security/cve/CVE-2024-24783"
},
{
"category": "external",
"summary": "SUSE Bug 1220999 for CVE-2024-24783",
"url": "https://bugzilla.suse.com/1220999"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "important"
}
],
"title": "CVE-2024-24783"
},
{
"cve": "CVE-2024-24784",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24784"
}
],
"notes": [
{
"category": "general",
"text": "The ParseAddressList function incorrectly handles comments (text within parentheses) within display names. Since this is a misalignment with conforming address parsers, it can result in different trust decisions being made by programs using different parsers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24784",
"url": "https://www.suse.com/security/cve/CVE-2024-24784"
},
{
"category": "external",
"summary": "SUSE Bug 1221002 for CVE-2024-24784",
"url": "https://bugzilla.suse.com/1221002"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "important"
}
],
"title": "CVE-2024-24784"
},
{
"cve": "CVE-2024-24785",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24785"
}
],
"notes": [
{
"category": "general",
"text": "If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24785",
"url": "https://www.suse.com/security/cve/CVE-2024-24785"
},
{
"category": "external",
"summary": "SUSE Bug 1221003 for CVE-2024-24785",
"url": "https://bugzilla.suse.com/1221003"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "important"
}
],
"title": "CVE-2024-24785"
},
{
"cve": "CVE-2024-24787",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24787"
}
],
"notes": [
{
"category": "general",
"text": "On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a \"#cgo LDFLAGS\" directive.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24787",
"url": "https://www.suse.com/security/cve/CVE-2024-24787"
},
{
"category": "external",
"summary": "SUSE Bug 1224017 for CVE-2024-24787",
"url": "https://bugzilla.suse.com/1224017"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-24787"
},
{
"cve": "CVE-2024-24788",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24788"
}
],
"notes": [
{
"category": "general",
"text": "A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24788",
"url": "https://www.suse.com/security/cve/CVE-2024-24788"
},
{
"category": "external",
"summary": "SUSE Bug 1224018 for CVE-2024-24788",
"url": "https://bugzilla.suse.com/1224018"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-24788"
},
{
"cve": "CVE-2024-24789",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24789"
}
],
"notes": [
{
"category": "general",
"text": "The archive/zip package\u0027s handling of certain types of invalid zip files differs from the behavior of most zip implementations. This misalignment could be exploited to create a zip file with contents that vary depending on the implementation reading the file. The archive/zip package now rejects files containing these errors.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24789",
"url": "https://www.suse.com/security/cve/CVE-2024-24789"
},
{
"category": "external",
"summary": "SUSE Bug 1225973 for CVE-2024-24789",
"url": "https://bugzilla.suse.com/1225973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-24789"
},
{
"cve": "CVE-2024-24790",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24790"
}
],
"notes": [
{
"category": "general",
"text": "The various Is methods (IsPrivate, IsLoopback, etc) did not work as expected for IPv4-mapped IPv6 addresses, returning false for addresses which would return true in their traditional IPv4 forms.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24790",
"url": "https://www.suse.com/security/cve/CVE-2024-24790"
},
{
"category": "external",
"summary": "SUSE Bug 1225974 for CVE-2024-24790",
"url": "https://bugzilla.suse.com/1225974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-24790"
},
{
"cve": "CVE-2024-24791",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-24791"
}
],
"notes": [
{
"category": "general",
"text": "The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an \"Expect: 100-continue\" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending \"Expect: 100-continue\" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-24791",
"url": "https://www.suse.com/security/cve/CVE-2024-24791"
},
{
"category": "external",
"summary": "SUSE Bug 1227314 for CVE-2024-24791",
"url": "https://bugzilla.suse.com/1227314"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-24791"
},
{
"cve": "CVE-2024-34155",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34155"
}
],
"notes": [
{
"category": "general",
"text": "Calling any of the Parse functions on Go source code which contains deeply nested literals can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34155",
"url": "https://www.suse.com/security/cve/CVE-2024-34155"
},
{
"category": "external",
"summary": "SUSE Bug 1230252 for CVE-2024-34155",
"url": "https://bugzilla.suse.com/1230252"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-34155"
},
{
"cve": "CVE-2024-34156",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34156"
}
],
"notes": [
{
"category": "general",
"text": "Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34156",
"url": "https://www.suse.com/security/cve/CVE-2024-34156"
},
{
"category": "external",
"summary": "SUSE Bug 1230253 for CVE-2024-34156",
"url": "https://bugzilla.suse.com/1230253"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-34156"
},
{
"cve": "CVE-2024-34158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-34158"
}
],
"notes": [
{
"category": "general",
"text": "Calling Parse on a \"// +build\" build tag line with deeply nested expressions can cause a panic due to stack exhaustion.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-34158",
"url": "https://www.suse.com/security/cve/CVE-2024-34158"
},
{
"category": "external",
"summary": "SUSE Bug 1230254 for CVE-2024-34158",
"url": "https://bugzilla.suse.com/1230254"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"SUSE Linux Enterprise Module for Development Tools 15 SP6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-doc-1.22.7.1-150600.13.3.1.x86_64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.aarch64",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.ppc64le",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.s390x",
"openSUSE Leap 15.6:go1.22-openssl-race-1.22.7.1-150600.13.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-11-07T10:08:23Z",
"details": "moderate"
}
],
"title": "CVE-2024-34158"
}
]
}
WID-SEC-W-2024-2067
Vulnerability from csaf_certbund - Published: 2024-09-05 22:00 - Updated: 2026-03-05 23:00
Summary
Golang Go: Multiple vulnerabilities allow denial of service
Severity
Medium
Notes
As a provider, the BSI is responsible under general law for its own content made available for use. However, users are responsible for carefully checking, in each individual case, the use and/or implementation of the information provided with the content.
Product description: Go is an open-source programming language.
Attack: A remote attacker can exploit multiple vulnerabilities in Golang Go to carry out a denial-of-service attack.
Affected operating systems:
- Other
- UNIX
- Windows
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Golang Go <1.22.7 (Golang / Go) | | <1.22.7 | |
| Red Hat Enterprise Linux Quay <3.16.0 (Red Hat / Enterprise Linux) | | Quay <3.16.0 | |
| Red Hat Enterprise Linux (Red Hat / Enterprise Linux) | cpe:/o:redhat:enterprise_linux:- | — | |
| Red Hat Enterprise Linux Cryostat 3 (Red Hat / Enterprise Linux) | cpe:/o:redhat:enterprise_linux:cryostat_3 | Cryostat 3 | |
| IBM Business Automation Workflow <24.0.1-IF002 (IBM / Business Automation Workflow) | | <24.0.1-IF002 | |
| IBM Business Automation Workflow <24.0.0-IF005 (IBM / Business Automation Workflow) | | <24.0.0-IF005 | |
| Xerox FreeFlow Print Server 9 (Xerox / FreeFlow Print Server) | cpe:/a:xerox:freeflow_print_server:9 | 9 | |
| Golang Go <1.23.1 (Golang / Go) | | <1.23.1 | |
| Oracle Linux (Oracle) | cpe:/o:oracle:linux:- | — | |
| RESF Rocky Linux (RESF) | cpe:/o:resf:rocky_linux:- | — | |
| Red Hat OpenShift API for Data Protection 1 (Red Hat / OpenShift) | cpe:/a:redhat:openshift:api_for_data_protection_1 | API for Data Protection 1 | |
| Splunk Splunk Enterprise <9.3.4 (Splunk / Splunk Enterprise) | | <9.3.4 | |
| Splunk Splunk Enterprise <9.4.2 (Splunk / Splunk Enterprise) | | <9.4.2 | |
| IBM Spectrum Protect Plus <10.1.6.4 (IBM / Spectrum Protect Plus) | | <10.1.6.4 | |
| Red Hat OpenStack 17.1 (Red Hat / OpenStack) | cpe:/a:redhat:openstack:17.1 | 17.1 | |
| Splunk Splunk Enterprise <9.2.6 (Splunk / Splunk Enterprise) | | <9.2.6 | |
| SUSE Linux (SUSE) | cpe:/o:suse:suse_linux:- | — | |
| Ubuntu Linux (Ubuntu) | cpe:/o:canonical:ubuntu_linux:- | — | |
| SUSE openSUSE (SUSE) | cpe:/o:suse:opensuse:- | — | |
| Splunk Splunk Enterprise <9.1.9 (Splunk / Splunk Enterprise) | | <9.1.9 | |
| Amazon Linux 2 (Amazon) | cpe:/o:amazon:linux_2:- | — | |
References
141 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Go ist eine quelloffene Programmiersprache.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter Angreifer kann mehrere Schwachstellen in Golang Go ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-2067 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-2067.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-2067 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-2067"
},
{
"category": "external",
"summary": "Google Groups Golang Announce vom 2024-09-05",
"url": "https://groups.google.com/g/golang-announce/c/K-cEzDeCtpc"
},
{
"category": "external",
"summary": "OSS Security Mailing List vom 2024-09-05",
"url": "https://seclists.org/oss-sec/2024/q3/248"
},
{
"category": "external",
"summary": "golang/go GitHub vom 2024-09-05",
"url": "https://go.dev/issue/69138"
},
{
"category": "external",
"summary": "golang/go GitHub vom 2024-09-05",
"url": "https://go.dev/issue/69139"
},
{
"category": "external",
"summary": "golang/go GitHub vom 2024-09-05",
"url": "https://go.dev/issue/69141"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3196-1 vom 2024-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019410.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3197-1 vom 2024-09-10",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-September/019409.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3214-1 vom 2024-09-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/IPEONFWNX7YQGJBYPCZAUZCZ2WXIQW62/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3213-1 vom 2024-09-12",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/DHMLLZUAU3JK37745OCU5XWTW5Z4B4Y6/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6913 vom 2024-09-23",
"url": "https://access.redhat.com/errata/RHSA-2024:6913"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6914 vom 2024-09-23",
"url": "https://access.redhat.com/errata/RHSA-2024:6914"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6908 vom 2024-09-23",
"url": "https://access.redhat.com/errata/RHSA-2024:6908"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6912 vom 2024-09-23",
"url": "https://access.redhat.com/errata/RHSA-2024:6912"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6946 vom 2024-09-23",
"url": "https://access.redhat.com/errata/RHSA-2024:6946"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-6946 vom 2024-09-24",
"url": "https://linux.oracle.com/errata/ELSA-2024-6946.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:6947 vom 2024-09-23",
"url": "https://access.redhat.com/errata/RHSA-2024:6947"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-6908 vom 2024-09-23",
"url": "https://linux.oracle.com/errata/ELSA-2024-6908.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-6947 vom 2024-09-24",
"url": "https://linux.oracle.com/errata/ELSA-2024-6947.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-6913 vom 2024-09-24",
"url": "http://linux.oracle.com/errata/ELSA-2024-6913.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7102 vom 2024-09-25",
"url": "https://access.redhat.com/errata/RHSA-2024:7102"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7136 vom 2024-09-25",
"url": "https://access.redhat.com/errata/RHSA-2024:7136"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-7136 vom 2024-09-26",
"url": "https://linux.oracle.com/errata/ELSA-2024-7136.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-7135 vom 2024-09-26",
"url": "https://linux.oracle.com/errata/ELSA-2024-7135.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7135 vom 2024-09-25",
"url": "https://access.redhat.com/errata/RHSA-2024:7135"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7103 vom 2024-09-25",
"url": "https://access.redhat.com/errata/RHSA-2024:7103"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7202 vom 2024-09-26",
"url": "https://access.redhat.com/errata/RHSA-2024:7202"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7204 vom 2024-09-26",
"url": "https://access.redhat.com/errata/RHSA-2024:7204"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7206 vom 2024-09-26",
"url": "https://access.redhat.com/errata/RHSA-2024:7206"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-7204 vom 2024-09-27",
"url": "https://linux.oracle.com/errata/ELSA-2024-7204.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7261 vom 2024-09-26",
"url": "https://access.redhat.com/errata/RHSA-2024:7261"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7262 vom 2024-09-26",
"url": "https://access.redhat.com/errata/RHSA-2024:7262"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7205 vom 2024-09-26",
"url": "https://access.redhat.com/errata/RHSA-2024:7205"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7207 vom 2024-09-26",
"url": "https://access.redhat.com/errata/RHSA-2024:7207"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7208 vom 2024-09-26",
"url": "https://access.redhat.com/errata/RHSA-2024:7208"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-7262 vom 2024-09-28",
"url": "https://linux.oracle.com/errata/ELSA-2024-7262.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7350 vom 2024-09-30",
"url": "https://access.redhat.com/errata/RHSA-2024:7350"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7351 vom 2024-09-30",
"url": "https://access.redhat.com/errata/RHSA-2024:7351"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:6947 vom 2024-09-30",
"url": "https://errata.build.resf.org/RLSA-2024:6947"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:6946 vom 2024-09-30",
"url": "https://errata.build.resf.org/RLSA-2024:6946"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:6913 vom 2024-09-30",
"url": "https://errata.build.resf.org/RLSA-2024:6913"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:7136 vom 2024-09-30",
"url": "https://errata.build.resf.org/RLSA-2024:7136"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:7204 vom 2024-09-30",
"url": "https://errata.build.resf.org/RLSA-2024:7204"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7456 vom 2024-10-01",
"url": "https://access.redhat.com/errata/RHSA-2024:7456"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7487 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:7487"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7485 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:7485"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7449 vom 2024-10-01",
"url": "https://access.redhat.com/errata/RHSA-2024:7449"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7488 vom 2024-10-02",
"url": "https://access.redhat.com/errata/RHSA-2024:7488"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7455 vom 2024-10-01",
"url": "https://access.redhat.com/errata/RHSA-2024:7455"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2024-2643 vom 2024-10-02",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2024-2643.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7769 vom 2024-10-07",
"url": "https://access.redhat.com/errata/RHSA-2024:7769"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7821 vom 2024-10-08",
"url": "https://access.redhat.com/errata/RHSA-2024:7821"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7794 vom 2024-10-08",
"url": "https://access.redhat.com/errata/RHSA-2024:7794"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7792 vom 2024-10-08",
"url": "https://access.redhat.com/errata/RHSA-2024:7792"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7819 vom 2024-10-08",
"url": "https://access.redhat.com/errata/RHSA-2024:7819"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7822 vom 2024-10-08",
"url": "https://access.redhat.com/errata/RHSA-2024:7822"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7793 vom 2024-10-08",
"url": "https://access.redhat.com/errata/RHSA-2024:7793"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7791 vom 2024-10-08",
"url": "https://access.redhat.com/errata/RHSA-2024:7791"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7818 vom 2024-10-08",
"url": "https://access.redhat.com/errata/RHSA-2024:7818"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7820 vom 2024-10-08",
"url": "https://access.redhat.com/errata/RHSA-2024:7820"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:7852 vom 2024-10-09",
"url": "https://access.redhat.com/errata/RHSA-2024:7852"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14392-1 vom 2024-10-10",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VKQV4GKNNP3RDIDOADDTNIWK2GWHEQ46/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8039 vom 2024-10-14",
"url": "https://access.redhat.com/errata/RHSA-2024:8039"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8038 vom 2024-10-14",
"url": "https://access.redhat.com/errata/RHSA-2024:8038"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-8038 vom 2024-10-15",
"url": "https://linux.oracle.com/errata/ELSA-2024-8038.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-8039 vom 2024-10-14",
"url": "https://linux.oracle.com/errata/ELSA-2024-8039.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8110 vom 2024-10-15",
"url": "https://access.redhat.com/errata/RHSA-2024:8110"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8112 vom 2024-10-15",
"url": "https://access.redhat.com/errata/RHSA-2024:8112"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-8112 vom 2024-10-15",
"url": "https://linux.oracle.com/errata/ELSA-2024-8112.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-8110 vom 2024-10-15",
"url": "https://linux.oracle.com/errata/ELSA-2024-8110.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-8111 vom 2024-10-15",
"url": "https://linux.oracle.com/errata/ELSA-2024-8111.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7081-1 vom 2024-10-23",
"url": "https://ubuntu.com/security/notices/USN-7081-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8329 vom 2024-10-22",
"url": "https://access.redhat.com/errata/RHSA-2024:8329"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8315 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8315"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8314 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8314"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8317 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8317"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8318 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8318"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:8111 vom 2024-10-25",
"url": "https://errata.build.resf.org/RLSA-2024:8111"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:8039 vom 2024-10-25",
"url": "https://errata.build.resf.org/RLSA-2024:8039"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:8038 vom 2024-10-25",
"url": "https://errata.build.resf.org/RLSA-2024:8038"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2024:8110 vom 2024-10-25",
"url": "https://errata.build.resf.org/RLSA-2024:8110"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3772-1 vom 2024-10-29",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-October/019688.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3773-1 vom 2024-10-29",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/5FQIPPI5C7ESB64AZAINR4HNOUP7FS36/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3809-1 vom 2024-10-30",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/message/M53WWN7UZXP3TU6VZGQOUL3C6XT5KIQA/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8692 vom 2024-11-07",
"url": "https://access.redhat.com/errata/RHSA-2024:8692"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8688 vom 2024-11-06",
"url": "https://access.redhat.com/errata/RHSA-2024:8688"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3937-1 vom 2024-11-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019792.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3938-1 vom 2024-11-07",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019791.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9459 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9459"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9456 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9456"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9473 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9473"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9472 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9472"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9454 vom 2024-11-12",
"url": "https://access.redhat.com/errata/RHSA-2024:9454"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9485 vom 2024-11-13",
"url": "https://access.redhat.com/errata/RHSA-2024:9485"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7109-1 vom 2024-11-14",
"url": "https://ubuntu.com/security/notices/USN-7109-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7111-1 vom 2024-11-14",
"url": "https://ubuntu.com/security/notices/USN-7111-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8219 vom 2024-11-18",
"url": "https://access.redhat.com/errata/RHSA-2024:8219"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:9960 vom 2024-11-19",
"url": "https://access.redhat.com/errata/RHSA-2024:9960"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-9472 vom 2024-11-21",
"url": "https://linux.oracle.com/errata/ELSA-2024-9472.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-9454 vom 2024-11-21",
"url": "https://linux.oracle.com/errata/ELSA-2024-9454.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-9473 vom 2024-11-21",
"url": "https://linux.oracle.com/errata/ELSA-2024-9473.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-9456 vom 2024-11-21",
"url": "https://linux.oracle.com/errata/ELSA-2024-9456.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2024:14520-1 vom 2024-11-25",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/M2XL2GIFLLA5UEYWJGZCWOIWYC4LD5JE/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10883 vom 2024-12-09",
"url": "https://access.redhat.com/errata/RHSA-2024:10883"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10906 vom 2024-12-10",
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11217 vom 2024-12-17",
"url": "https://access.redhat.com/errata/RHSA-2024:11217"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11216 vom 2024-12-17",
"url": "https://access.redhat.com/errata/RHSA-2024:11216"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-11216 vom 2024-12-19",
"url": "https://linux.oracle.com/errata/ELSA-2024-11216.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2024-11217 vom 2024-12-19",
"url": "https://linux.oracle.com/errata/ELSA-2024-11217.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7180361 vom 2025-01-07",
"url": "https://www.ibm.com/support/pages/node/7180361"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0203 vom 2025-01-09",
"url": "https://access.redhat.com/errata/RHSA-2025:0203"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0771 vom 2025-01-28",
"url": "https://access.redhat.com/errata/RHSA-2025:0771"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:1190 vom 2025-02-10",
"url": "https://access.redhat.com/errata/RHSA-2025:1190"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-2779 vom 2025-03-07",
"url": "https://alas.aws.amazon.com/AL2/ALAS-2025-2779.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:3773 vom 2025-04-10",
"url": "https://access.redhat.com/errata/RHSA-2025:3773"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-3773 vom 2025-04-10",
"url": "https://linux.oracle.com/errata/ELSA-2025-3773.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS-2025-1971 vom 2025-04-17",
"url": "https://alas.aws.amazon.com/ALAS-2025-1971.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4240 vom 2025-04-28",
"url": "https://access.redhat.com/errata/RHSA-2025:4240"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7232437 vom 2025-05-03",
"url": "https://www.ibm.com/support/pages/node/7232437"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:7118 vom 2025-05-13",
"url": "https://access.redhat.com/errata/RHSA-2025:7118"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-7967 vom 2025-05-21",
"url": "https://linux.oracle.com/errata/ELSA-2025-7967.html"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-012 vom 2025-06-02",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/06/Xerox-Security-Bulletin-XRX25-012-for-Xerox-FreeFlow-Print-Server-v9.pdf"
},
{
"category": "external",
"summary": "Splunk Security Advisory SVD-2025-0603 vom 2025-06-02",
"url": "https://advisory.splunk.com//advisories/SVD-2025-0603"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:9776 vom 2025-06-26",
"url": "https://access.redhat.com/errata/RHSA-2025:9776"
},
{
"category": "external",
"summary": "Rocky Linux Security Advisory RLSA-2025:3773 vom 2025-07-29",
"url": "https://errata.build.resf.org/RLSA-2025:3773"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-19566 vom 2025-11-04",
"url": "https://linux.oracle.com/errata/ELSA-2025-19566.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:22287 vom 2025-11-27",
"url": "https://access.redhat.com/errata/RHSA-2025:22287"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23028 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23028"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23060 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23060"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23064 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23064"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23059 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23059"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23061 vom 2025-12-10",
"url": "https://access.redhat.com/errata/RHSA-2025:23061"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23176 vom 2025-12-15",
"url": "https://access.redhat.com/errata/RHSA-2025:23176"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:23546 vom 2025-12-17",
"url": "https://access.redhat.com/errata/RHSA-2025:23546"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:1730 vom 2026-02-02",
"url": "https://access.redhat.com/errata/RHSA-2026:1730"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-1837 vom 2026-02-04",
"url": "https://linux.oracle.com/errata/ELSA-2026-1837.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2762 vom 2026-02-16",
"url": "https://access.redhat.com/errata/RHSA-2026:2762"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2681 vom 2026-02-16",
"url": "https://access.redhat.com/errata/RHSA-2026:2681"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2754 vom 2026-02-16",
"url": "https://access.redhat.com/errata/RHSA-2026:2754"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2026-3752 vom 2026-03-05",
"url": "https://linux.oracle.com/errata/ELSA-2026-3752.html"
}
],
"source_lang": "en-US",
"title": "Golang Go: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2026-03-05T23:00:00.000+00:00",
"generator": {
"date": "2026-03-06T10:29:50.148+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-2067",
"initial_release_date": "2024-09-05T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-09-05T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-09-10T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-12T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-09-22T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-09-23T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2024-09-24T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-09-25T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2024-09-26T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2024-09-29T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Oracle Linux und Red Hat aufgenommen"
},
{
"date": "2024-09-30T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-10-01T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-03T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2024-10-07T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-08T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-09T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-10T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2024-10-13T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-14T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-10-15T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2024-10-22T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Ubuntu und Red Hat aufgenommen"
},
{
"date": "2024-10-23T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-27T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2024-10-29T23:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-10-30T23:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-11-06T23:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-07T23:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2024-11-11T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-13T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-14T23:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2024-11-17T23:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-18T23:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-20T23:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-11-21T23:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2024-11-25T23:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2024-12-09T23:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-16T23:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-19T23:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-01-06T23:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-01-09T23:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-28T23:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-09T23:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-03-09T23:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-04-09T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-10T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-04-21T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-04-27T22:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-04T22:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-05-12T22:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-06-02T22:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von XEROX und Splunk-SVD aufgenommen"
},
{
"date": "2025-06-26T22:00:00.000+00:00",
"number": "51",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-29T22:00:00.000+00:00",
"number": "52",
"summary": "Neue Updates von Rocky Enterprise Software Foundation aufgenommen"
},
{
"date": "2025-11-04T23:00:00.000+00:00",
"number": "53",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-11-27T23:00:00.000+00:00",
"number": "54",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-09T23:00:00.000+00:00",
"number": "55",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-10T23:00:00.000+00:00",
"number": "56",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-14T23:00:00.000+00:00",
"number": "57",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-12-17T23:00:00.000+00:00",
"number": "58",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-02T23:00:00.000+00:00",
"number": "59",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-04T23:00:00.000+00:00",
"number": "60",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2026-02-16T23:00:00.000+00:00",
"number": "61",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-03-05T23:00:00.000+00:00",
"number": "62",
"summary": "Neue Updates von Oracle Linux aufgenommen"
}
],
"status": "final",
"version": "62"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c1.23.1",
"product": {
"name": "Golang Go \u003c1.23.1",
"product_id": "T037315"
}
},
{
"category": "product_version",
"name": "1.23.1",
"product": {
"name": "Golang Go 1.23.1",
"product_id": "T037315-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.23.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c1.22.7",
"product": {
"name": "Golang Go \u003c1.22.7",
"product_id": "T037316"
}
},
{
"category": "product_version",
"name": "1.22.7",
"product": {
"name": "Golang Go 1.22.7",
"product_id": "T037316-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:golang:go:1.22.7"
}
}
}
],
"category": "product_name",
"name": "Go"
}
],
"category": "vendor",
"name": "Golang"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c24.0.1-IF002",
"product": {
"name": "IBM Business Automation Workflow \u003c24.0.1-IF002",
"product_id": "T043290"
}
},
{
"category": "product_version",
"name": "24.0.1-IF002",
"product": {
"name": "IBM Business Automation Workflow 24.0.1-IF002",
"product_id": "T043290-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.1-if002"
}
}
},
{
"category": "product_version_range",
"name": "\u003c24.0.0-IF005",
"product": {
"name": "IBM Business Automation Workflow \u003c24.0.0-IF005",
"product_id": "T043291"
}
},
{
"category": "product_version",
"name": "24.0.0-IF005",
"product": {
"name": "IBM Business Automation Workflow 24.0.0-IF005",
"product_id": "T043291-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:24.0.0-if005"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus \u003c10.1.6.4",
"product_id": "T040030"
}
},
{
"category": "product_version",
"name": "10.1.6.4",
"product": {
"name": "IBM Spectrum Protect Plus 10.1.6.4",
"product_id": "T040030-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_protect_plus:10.1.6.4"
}
}
}
],
"category": "product_name",
"name": "Spectrum Protect Plus"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"category": "product_name",
"name": "RESF Rocky Linux",
"product": {
"name": "RESF Rocky Linux",
"product_id": "T032255",
"product_identification_helper": {
"cpe": "cpe:/o:resf:rocky_linux:-"
}
}
}
],
"category": "vendor",
"name": "RESF"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Cryostat 3",
"product": {
"name": "Red Hat Enterprise Linux Cryostat 3",
"product_id": "T036943",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:cryostat_3"
}
}
},
{
"category": "product_version_range",
"name": "Quay \u003c3.16.0",
"product": {
"name": "Red Hat Enterprise Linux Quay \u003c3.16.0",
"product_id": "T049495"
}
},
{
"category": "product_version",
"name": "Quay 3.16.0",
"product": {
"name": "Red Hat Enterprise Linux Quay 3.16.0",
"product_id": "T049495-fixed",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:quay__3.16.0"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "API for Data Protection 1",
"product": {
"name": "Red Hat OpenShift API for Data Protection 1",
"product_id": "T039224",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:api_for_data_protection_1"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
},
{
"branches": [
{
"category": "product_version",
"name": "17.1",
"product": {
"name": "Red Hat OpenStack 17.1",
"product_id": "T039385",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:17.1"
}
}
}
],
"category": "product_name",
"name": "OpenStack"
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c9.4.2",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.4.2",
"product_id": "T044257"
}
},
{
"category": "product_version",
"name": "9.4.2",
"product": {
"name": "Splunk Splunk Enterprise 9.4.2",
"product_id": "T044257-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.4.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.4",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.3.4",
"product_id": "T044258"
}
},
{
"category": "product_version",
"name": "9.3.4",
"product": {
"name": "Splunk Splunk Enterprise 9.3.4",
"product_id": "T044258-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.3.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.6",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.2.6",
"product_id": "T044259"
}
},
{
"category": "product_version",
"name": "9.2.6",
"product": {
"name": "Splunk Splunk Enterprise 9.2.6",
"product_id": "T044259-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.2.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.9",
"product": {
"name": "Splunk Splunk Enterprise \u003c9.1.9",
"product_id": "T044260"
}
},
{
"category": "product_version",
"name": "9.1.9",
"product": {
"name": "Splunk Splunk Enterprise 9.1.9",
"product_id": "T044260-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:splunk:splunk:9.1.9"
}
}
}
],
"category": "product_name",
"name": "Splunk Enterprise"
}
],
"category": "vendor",
"name": "Splunk"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "9",
"product": {
"name": "Xerox FreeFlow Print Server 9",
"product_id": "T002977",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:9"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"product_status": {
"known_affected": [
"T037316",
"T049495",
"67646",
"T036943",
"T043290",
"T043291",
"T002977",
"T037315",
"T004914",
"T032255",
"T039224",
"T044258",
"T044257",
"T040030",
"T039385",
"T044259",
"T002207",
"T000126",
"T027843",
"T044260",
"398363"
]
},
"release_date": "2024-09-05T22:00:00.000+00:00",
"title": "CVE-2024-34155"
},
{
"cve": "CVE-2024-34156",
"product_status": {
"known_affected": [
"T037316",
"T049495",
"67646",
"T036943",
"T043290",
"T043291",
"T002977",
"T037315",
"T004914",
"T032255",
"T039224",
"T044258",
"T044257",
"T040030",
"T039385",
"T044259",
"T002207",
"T000126",
"T027843",
"T044260",
"398363"
]
},
"release_date": "2024-09-05T22:00:00.000+00:00",
"title": "CVE-2024-34156"
},
{
"cve": "CVE-2024-34158",
"product_status": {
"known_affected": [
"T037316",
"T049495",
"67646",
"T036943",
"T043290",
"T043291",
"T002977",
"T037315",
"T004914",
"T032255",
"T039224",
"T044258",
"T044257",
"T040030",
"T039385",
"T044259",
"T002207",
"T000126",
"T027843",
"T044260",
"398363"
]
},
"release_date": "2024-09-05T22:00:00.000+00:00",
"title": "CVE-2024-34158"
}
]
}
WID-SEC-W-2024-3250
Vulnerability from csaf_certbund - Published: 2024-10-21 22:00 - Updated: 2026-02-08 23:00
Summary
Red Hat OpenShift: Multiple vulnerabilities
Severity
Medium
Notes
As a provider, the BSI is responsible under general law for its own content that it makes available for use. Users are, however, responsible for carefully checking, in each individual case, the use and/or implementation of the information provided with that content.
Product description: Red Hat OpenShift is a "Platform as a Service" (PaaS) solution for deploying applications in the cloud.
Attack: A remote, anonymous attacker can exploit multiple vulnerabilities in Red Hat OpenShift to carry out a denial-of-service attack, manipulate data, disclose confidential information, carry out a cross-site scripting attack, and execute arbitrary code.
Affected operating systems:
- Other
- UNIX
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat OpenShift Data Foundation 4 (Red Hat / OpenShift) | cpe:/a:redhat:openshift:data_foundation_4 | Data Foundation 4 | |
| Red Hat OpenShift Container Platform <4.17.4 (Red Hat / OpenShift) | | Container Platform <4.17.4 | |
| Red Hat Enterprise Linux (Red Hat / Enterprise Linux) | cpe:/o:redhat:enterprise_linux:- | — | |
| Red Hat OpenShift Container Platform <4.17.2 (Red Hat / OpenShift) | | Container Platform <4.17.2 | |
| Atlassian Confluence <10.1.1 (Atlassian / Confluence) | | <10.1.1 | |
| Red Hat OpenShift <4.14.40 (Red Hat / OpenShift) | | <4.14.40 | |
| Red Hat OpenShift Network Observability <1.7.0 (Red Hat / OpenShift) | | Network Observability <1.7.0 | |
| Red Hat OpenShift Container Platform <4.17.15 (Red Hat / OpenShift) | | Container Platform <4.17.15 | |
| Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 (Red Hat / Enterprise Linux) | cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4 | Advanced Cluster Security for Kubernetes 4 | |
| Red Hat OpenShift Kube Descheduler Operator 5 (Red Hat / OpenShift) | cpe:/a:redhat:openshift:kube_descheduler_operator_5 | Kube Descheduler Operator 5 | |
| Red Hat OpenShift Data Foundation <4.17.7 (Red Hat / OpenShift) | | Data Foundation <4.17.7 | |
| Red Hat OpenShift Data Foundation <4.14.18 (Red Hat / OpenShift) | | Data Foundation <4.14.18 | |
| Atlassian Confluence <10.0.2 (Atlassian / Confluence) | | <10.0.2 | |
| Red Hat OpenShift Data Foundation <4.14.13 (Red Hat / OpenShift) | | Data Foundation <4.14.13 | |
| Red Hat OpenShift Serverless Logic <1.35.0 (Red Hat / OpenShift) | | Serverless Logic <1.35.0 | |
| Red Hat OpenShift Container Platform <4.18.10 (Red Hat / OpenShift) | | Container Platform <4.18.10 | |
| Atlassian Bitbucket <9.4.13 (LTS) (Atlassian / Bitbucket) | | <9.4.13 (LTS) | |
| Atlassian Bitbucket <8.19.25 (LTS) (Atlassian / Bitbucket) | | <8.19.25 (LTS) | |
| Atlassian Confluence <8.5.25 (Atlassian / Confluence) | | <8.5.25 | |
| Atlassian Bitbucket <10.0.2 (Atlassian / Bitbucket) | | <10.0.2 | |
| Atlassian Confluence <9.2.7 (Atlassian / Confluence) | | <9.2.7 | |
Affected products
Known affected
21 products
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Red Hat OpenShift Data Foundation 4 (Red Hat / OpenShift) | cpe:/a:redhat:openshift:data_foundation_4 | Data Foundation 4 | |
| Red Hat OpenShift Container Platform <4.17.4 (Red Hat / OpenShift) | | Container Platform <4.17.4 | |
| Red Hat Enterprise Linux (Red Hat / Enterprise Linux) | cpe:/o:redhat:enterprise_linux:- | — | |
| Red Hat OpenShift Container Platform <4.17.2 (Red Hat / OpenShift) | | Container Platform <4.17.2 | |
| Atlassian Confluence <10.1.1 (Atlassian / Confluence) | | <10.1.1 | |
| Red Hat OpenShift <4.14.40 (Red Hat / OpenShift) | | <4.14.40 | |
| Red Hat OpenShift Network Observability <1.7.0 (Red Hat / OpenShift) | | Network Observability <1.7.0 | |
| Red Hat OpenShift Container Platform <4.17.15 (Red Hat / OpenShift) | | Container Platform <4.17.15 | |
| Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4 (Red Hat / Enterprise Linux) | cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4 | Advanced Cluster Security for Kubernetes 4 | |
| Red Hat OpenShift Kube Descheduler Operator 5 (Red Hat / OpenShift) | cpe:/a:redhat:openshift:kube_descheduler_operator_5 | Kube Descheduler Operator 5 | |
| Red Hat OpenShift Data Foundation <4.17.7 (Red Hat / OpenShift) | | Data Foundation <4.17.7 | |
| Red Hat OpenShift Data Foundation <4.14.18 (Red Hat / OpenShift) | | Data Foundation <4.14.18 | |
| Atlassian Confluence <10.0.2 (Atlassian / Confluence) | | <10.0.2 | |
| Red Hat OpenShift Data Foundation <4.14.13 (Red Hat / OpenShift) | | Data Foundation <4.14.13 | |
| Red Hat OpenShift Serverless Logic <1.35.0 (Red Hat / OpenShift) | | Serverless Logic <1.35.0 | |
| Red Hat OpenShift Container Platform <4.18.10 (Red Hat / OpenShift) | | Container Platform <4.18.10 | |
| Atlassian Bitbucket <9.4.13 (LTS) (Atlassian / Bitbucket) | | <9.4.13 (LTS) | |
| Atlassian Bitbucket <8.19.25 (LTS) (Atlassian / Bitbucket) | | <8.19.25 (LTS) | |
| Atlassian Confluence <8.5.25 (Atlassian / Confluence) | | <8.5.25 | |
| Atlassian Bitbucket <10.0.2 (Atlassian / Bitbucket) | | <10.0.2 | |
| Atlassian Confluence <9.2.7 (Atlassian / Confluence) | | <9.2.7 | |
References
39 references
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Red Hat OpenShift ist eine \"Platform as a Service\" (PaaS) L\u00f6sung zur Bereitstellung von Applikationen in der Cloud.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Red Hat OpenShift ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren, Daten zu manipulieren, vertrauliche Informationen preiszugeben, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren und beliebigen Code auszuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges\n- UNIX",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-3250 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-3250.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-3250 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-3250"
},
{
"category": "external",
"summary": "Red Hat Advisory vom 2024-10-21",
"url": "https://access.redhat.com/errata/RHSA-2024:8014"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8229 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8229"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8232 vom 2024-10-23",
"url": "https://access.redhat.com/errata/RHSA-2024:8232"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8260 vom 2024-10-24",
"url": "https://access.redhat.com/errata/RHSA-2024:8260"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8263 vom 2024-10-24",
"url": "https://access.redhat.com/errata/RHSA-2024:8263"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8581 vom 2024-10-29",
"url": "https://access.redhat.com/errata/RHSA-2024:8581"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8676 vom 2024-10-30",
"url": "https://access.redhat.com/errata/RHSA-2024:8676"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8425 vom 2024-10-31",
"url": "https://access.redhat.com/errata/RHSA-2024:8425"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8337 vom 2024-10-31",
"url": "https://access.redhat.com/errata/RHSA-2024:8337"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8677 vom 2024-10-30",
"url": "https://access.redhat.com/errata/RHSA-2024:8677"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8428 vom 2024-10-31",
"url": "https://access.redhat.com/errata/RHSA-2024:8428"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8692 vom 2024-11-07",
"url": "https://access.redhat.com/errata/RHSA-2024:8692"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8688 vom 2024-11-06",
"url": "https://access.redhat.com/errata/RHSA-2024:8688"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8697 vom 2024-11-07",
"url": "https://access.redhat.com/errata/RHSA-2024:8697"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8700 vom 2024-11-08",
"url": "https://access.redhat.com/errata/RHSA-2024:8700"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8981 vom 2024-11-13",
"url": "https://access.redhat.com/errata/RHSA-2024:8981"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10186 vom 2024-11-22",
"url": "https://access.redhat.com/errata/RHSA-2024:10186"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:8704 vom 2024-12-02",
"url": "https://access.redhat.com/errata/RHSA-2024:8704"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10762 vom 2024-12-03",
"url": "https://access.redhat.com/errata/RHSA-2024:10762"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10865 vom 2024-12-05",
"url": "https://access.redhat.com/errata/RHSA-2024:10865"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10857 vom 2024-12-05",
"url": "https://access.redhat.com/errata/RHSA-2024:10857"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10906 vom 2024-12-10",
"url": "https://access.redhat.com/errata/RHSA-2024:10906"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:10895 vom 2024-12-11",
"url": "https://access.redhat.com/errata/RHSA-2024:10895"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11023 vom 2024-12-12",
"url": "https://access.redhat.com/errata/RHSA-2024:11023"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2024:11293 vom 2024-12-17",
"url": "https://access.redhat.com/errata/RHSA-2024:11293"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0079 vom 2025-01-08",
"url": "https://access.redhat.com/errata/RHSA-2025:0079"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0164 vom 2025-01-09",
"url": "https://access.redhat.com/errata/RHSA-2025:0164"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0323 vom 2025-01-15",
"url": "https://access.redhat.com/errata/RHSA-2025:0323"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0664 vom 2025-01-23",
"url": "https://access.redhat.com/errata/RHSA-2025:0664"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:0875 vom 2025-02-05",
"url": "https://access.redhat.com/errata/RHSA-2025:0875"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:4019 vom 2025-04-23",
"url": "https://access.redhat.com/errata/RHSA-2025:4019"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8059 vom 2025-05-21",
"url": "https://access.redhat.com/errata/RHSA-2025:8059"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8479 vom 2025-06-04",
"url": "https://access.redhat.com/errata/RHSA-2025:8479"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:8551 vom 2025-06-05",
"url": "https://access.redhat.com/errata/RHSA-2025:8551"
},
{
"category": "external",
"summary": "Atlassian Security Bulletin - November 18 2025",
"url": "https://confluence.atlassian.com/security/security-bulletin-november-18-2025-1671463469.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2164 vom 2026-02-05",
"url": "https://access.redhat.com/errata/RHSA-2026:2164"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2026:2172 vom 2026-02-05",
"url": "https://access.redhat.com/errata/RHSA-2026:2172"
}
],
"source_lang": "en-US",
"title": "Red Hat OpenShift: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-02-08T23:00:00.000+00:00",
"generator": {
"date": "2026-02-09T07:12:49.263+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2024-3250",
"initial_release_date": "2024-10-21T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-10-21T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-10-22T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-23T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-29T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-10-30T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-06T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-07T23:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-10T23:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-12T23:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-11-21T23:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-02T23:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-03T23:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-05T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-09T23:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-11T23:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-12T23:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2024-12-17T23:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-07T23:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-08T23:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-14T23:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-01-23T23:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-02-04T23:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-04-22T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-05-20T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-03T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-06-04T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-11-18T23:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2026-02-05T23:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2026-02-08T23:00:00.000+00:00",
"number": "29",
"summary": "doppelte Eintragung bereinigt"
}
],
"status": "final",
"version": "29"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Bitbucket \u003c10.0.2",
"product_id": "T048675"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Bitbucket 10.0.2",
"product_id": "T048675-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c8.19.25 (LTS)",
"product_id": "T048676"
}
},
{
"category": "product_version",
"name": "8.19.25 (LTS)",
"product": {
"name": "Atlassian Bitbucket 8.19.25 (LTS)",
"product_id": "T048676-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:8.19.25_%28lts%29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket \u003c9.4.13 (LTS)",
"product_id": "T048677"
}
},
{
"category": "product_version",
"name": "9.4.13 (LTS)",
"product": {
"name": "Atlassian Bitbucket 9.4.13 (LTS)",
"product_id": "T048677-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:bitbucket:9.4.13_%28lts%29"
}
}
}
],
"category": "product_name",
"name": "Bitbucket"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.1.1",
"product": {
"name": "Atlassian Confluence \u003c10.1.1",
"product_id": "T048680"
}
},
{
"category": "product_version",
"name": "10.1.1",
"product": {
"name": "Atlassian Confluence 10.1.1",
"product_id": "T048680-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:10.1.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.2",
"product": {
"name": "Atlassian Confluence \u003c10.0.2",
"product_id": "T048685"
}
},
{
"category": "product_version",
"name": "10.0.2",
"product": {
"name": "Atlassian Confluence 10.0.2",
"product_id": "T048685-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:10.0.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.7",
"product": {
"name": "Atlassian Confluence \u003c9.2.7",
"product_id": "T048686"
}
},
{
"category": "product_version",
"name": "9.2.7",
"product": {
"name": "Atlassian Confluence 9.2.7",
"product_id": "T048686-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:9.2.7"
}
}
},
{
"category": "product_version_range",
"name": "\u003c8.5.25",
"product": {
"name": "Atlassian Confluence \u003c8.5.25",
"product_id": "T048687"
}
},
{
"category": "product_version",
"name": "8.5.25",
"product": {
"name": "Atlassian Confluence 8.5.25",
"product_id": "T048687-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:atlassian:confluence:8.5.25"
}
}
}
],
"category": "product_name",
"name": "Confluence"
}
],
"category": "vendor",
"name": "Atlassian"
},
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
},
{
"category": "product_version",
"name": "Advanced Cluster Security for Kubernetes 4",
"product": {
"name": "Red Hat Enterprise Linux Advanced Cluster Security for Kubernetes 4",
"product_id": "T027916",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:advanced_cluster_security_for_kubernetes_4"
}
}
}
],
"category": "product_name",
"name": "Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "Data Foundation 4",
"product": {
"name": "Red Hat OpenShift Data Foundation 4",
"product_id": "T028133",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation_4"
}
}
},
{
"category": "product_version",
"name": "Kube Descheduler Operator 5",
"product": {
"name": "Red Hat OpenShift Kube Descheduler Operator 5",
"product_id": "T033270",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:kube_descheduler_operator_5"
}
}
},
{
"category": "product_version_range",
"name": "Network Observability \u003c1.7.0",
"product": {
"name": "Red Hat OpenShift Network Observability \u003c1.7.0",
"product_id": "T038514"
}
},
{
"category": "product_version",
"name": "Network Observability 1.7.0",
"product": {
"name": "Red Hat OpenShift Network Observability 1.7.0",
"product_id": "T038514-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:network_observability__1.7.0"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.2",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.2",
"product_id": "T038527"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.2",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.2",
"product_id": "T038527-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c4.14.40",
"product": {
"name": "Red Hat OpenShift \u003c4.14.40",
"product_id": "T038844"
}
},
{
"category": "product_version",
"name": "4.14.40",
"product": {
"name": "Red Hat OpenShift 4.14.40",
"product_id": "T038844-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.14.40"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.4",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.4",
"product_id": "T038989"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.4",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.4",
"product_id": "T038989-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.4"
}
}
},
{
"category": "product_version_range",
"name": "Data Foundation \u003c4.14.13",
"product": {
"name": "Red Hat OpenShift Data Foundation \u003c4.14.13",
"product_id": "T040215"
}
},
{
"category": "product_version",
"name": "Data Foundation 4.14.13",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.14.13",
"product_id": "T040215-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation__4.14.13"
}
}
},
{
"category": "product_version_range",
"name": "Serverless Logic \u003c1.35.0",
"product": {
"name": "Red Hat OpenShift Serverless Logic \u003c1.35.0",
"product_id": "T040597"
}
},
{
"category": "product_version",
"name": "Serverless Logic 1.35.0",
"product": {
"name": "Red Hat OpenShift Serverless Logic 1.35.0",
"product_id": "T040597-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:serverless_logic__1.35.0"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.17.15",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.17.15",
"product_id": "T040819"
}
},
{
"category": "product_version",
"name": "Container Platform 4.17.15",
"product": {
"name": "Red Hat OpenShift Container Platform 4.17.15",
"product_id": "T040819-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.17.15"
}
}
},
{
"category": "product_version_range",
"name": "Container Platform \u003c4.18.10",
"product": {
"name": "Red Hat OpenShift Container Platform \u003c4.18.10",
"product_id": "T043077"
}
},
{
"category": "product_version",
"name": "Container Platform 4.18.10",
"product": {
"name": "Red Hat OpenShift Container Platform 4.18.10",
"product_id": "T043077-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:container_platform__4.18.10"
}
}
},
{
"category": "product_version_range",
"name": "Data Foundation \u003c4.17.7",
"product": {
"name": "Red Hat OpenShift Data Foundation \u003c4.17.7",
"product_id": "T044019"
}
},
{
"category": "product_version",
"name": "Data Foundation 4.17.7",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.17.7",
"product_id": "T044019-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation__4.17.7"
}
}
},
{
"category": "product_version_range",
"name": "Data Foundation \u003c4.14.18",
"product": {
"name": "Red Hat OpenShift Data Foundation \u003c4.14.18",
"product_id": "T044338"
}
},
{
"category": "product_version",
"name": "Data Foundation 4.14.18",
"product": {
"name": "Red Hat OpenShift Data Foundation 4.14.18",
"product_id": "T044338-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:data_foundation__4.14.18"
}
}
}
],
"category": "product_name",
"name": "OpenShift"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-34155",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-34155"
},
{
"cve": "CVE-2024-34156",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-34156"
},
{
"cve": "CVE-2024-34158",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-34158"
},
{
"cve": "CVE-2024-39338",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-39338"
},
{
"cve": "CVE-2024-43788",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-43788"
},
{
"cve": "CVE-2024-43796",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-43796"
},
{
"cve": "CVE-2024-43799",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-43799"
},
{
"cve": "CVE-2024-43800",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-43800"
},
{
"cve": "CVE-2024-45296",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-45296"
},
{
"cve": "CVE-2024-45590",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-45590"
},
{
"cve": "CVE-2024-45801",
"product_status": {
"known_affected": [
"T028133",
"T038989",
"67646",
"T038527",
"T048680",
"T038844",
"T038514",
"T040819",
"T027916",
"T033270",
"T044019",
"T044338",
"T048685",
"T040215",
"T040597",
"T043077",
"T048677",
"T048676",
"T048687",
"T048675",
"T048686"
]
},
"release_date": "2024-10-21T22:00:00.000+00:00",
"title": "CVE-2024-45801"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.