Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Mageia 8 MGASA-2023-0349 critical: golang CVE-2023-39326 and CVE-2023-45283

mageia
Calendar Grey December 17, 2023
Dist Mageia Esm H88
Mageia has introduced updated golang packages as of December 17, 2023, focusing on significant security vulnerabilities. More information to follow.
Update to upstream golang 1.21.5 to fix CVE2023-39326 and CVE-2023-4528[35] In Mageia 8, this update also allows build nodes to build docker stack References:

Summary

Update to upstream golang 1.21.5 to fix CVE2023-39326 and CVE-2023-4528[35] In Mageia 8, this update also allows build nodes to build docker stack

References

- https://bugs.mageia.org/show_bug.cgi?id=32622

- https://www.openwall.com/lists/oss-security/2023/12/05/2

- https://www.cve.org/CVERecord?id=CVE-2023-39326

- https://www.cve.org/CVERecord?id=CVE-2023-45283

- https://www.cve.org/CVERecord?id=CVE-2023-45285

Resolution

SRPMS

- 8/core/golang-1.21.5-1.mga8

- 9/core/golang-1.21.5-1.mga9

Severity
critical
Lowest
Low
Medium
High
Critical

Publication date: 17 Dec 2023
URL: https://advisories.mageia.org/MGASA-2023-0349.html
Type: security
CVE: CVE-2023-39326, CVE-2023-45283, CVE-2023-45285

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here