Linux Security
    Linux Security
    Linux Security

    openSUSE: 2020:1087-1: important: go1.13

    Posted By
    An update that solves two vulnerabilities and has three fixes is now available.
       openSUSE Security Update: Security update for go1.13
    Announcement ID:    openSUSE-SU-2020:1087-1
    Rating:             important
    References:         #1149259 #1169832 #1172868 #1174153 #1174191 
    Cross-References:   CVE-2020-14039 CVE-2020-15586
    Affected Products:
                        openSUSE Leap 15.1
       An update that solves two vulnerabilities and has three
       fixes is now available.
       This update for go1.13 fixes the following issues:
       - go1.13.14 (released 2020/07/16) includes fixes to the compiler, vet, and
         the database/sql, net/http, and reflect packages Refs bsc#1149259 go1.13
         release tracking
         * go#39925 net/http: panic on misformed If-None-Match Header with
         * go#39848 cmd/compile: internal compile error when using sync.Pool:
           mismatched zero/store sizes
         * go#39823 cmd/go: TestBuildIDContainsArchModeEnv/386 fails on linux/386
           in Go 1.14 and 1.13, not 1.15
         * go#39697 reflect: panic from malloc after MakeFunc function returns
           value that is also stored globally
         * go#39561 cmd/compile/internal/ssa: TestNexting/dlv-dbg-hist failing on
           linux-386-longtest builder because it tries to use an older version of
           dlv which only supports linux/amd64
         * go#39538 net: TestDialParallel is flaky on windows-amd64-longtest
         * go#39287 cmd/vet: update for new number formats
         * go#40211 net/http: Expect 100-continue panics in httputil.ReverseProxy
           bsc#1174153 CVE-2020-15586
         * go#40209 crypto/x509: Certificate.Verify method seemingly ignoring EKU
           requirements on Windows bsc#1174191 CVE-2020-14039 (Windows only)
         * go#38932 runtime: preemption in startTemplateThread may cause infinite
         * go#36689 go/types, math/big: data race in go/types due to math/big.Rat
           accessors unsafe for concurrent use
       - Add patch to ensure /etc/hosts is used if /etc/nsswitch.conf is not
         present bsc#1172868 gh#golang/go#35305
       This update was imported from the SUSE:SLE-15:Update update project.
    Patch Instructions:
       To install this openSUSE Security Update use the SUSE recommended installation methods
       like YaST online_update or "zypper patch".
       Alternatively you can run the command listed for your product:
       - openSUSE Leap 15.1:
          zypper in -t patch openSUSE-2020-1087=1
    Package List:
       - openSUSE Leap 15.1 (x86_64):


    LinuxSecurity Poll

    How are you contributing to Open Source?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    [{"id":"127","title":"I'm involved with the development of an open-source project(s).","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"128","title":"I've reported vulnerabilities I've discovered in open-source code.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"129","title":"I've provided developers with feedback on their projects.","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"130","title":"I've helped another community member get started contributing to Open Source.","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.