SUSE 2023:3447-1 Critical Update: bci/golang DoS Vulnerability Resolved
suse
October 18, 2023
The container bci/golang was updated
Summary
Advisory ID: SUSE-SU-2023:4069-1 Released: Fri Oct 13 10:09:29 2023 Summary: Security update for go1.21 Type: security Severity: important Advisory ID: SUSE-RU-2023:4073-1 Released: Fri Oct 13 11:40:26 2023 Summary: Recommended update for rpm Type: recommended Severity: low
Topics Covered
References
References : 1212475 1216109 CVE-2023-39325 CVE-2023-44487
1212475,1216109,CVE-2023-39325,CVE-2023-44487
This update for go1.21 fixes the following issues:
- Update to go1.21.3 (bsc#1212475)
- CVE-2023-39325: Fixed a flaw that can lead to a DoS due to a rapid stream resets causing excessive work. This is also known as CVE-2023-44487. (bsc#1216109)
This update for rpm fixes the following issue:
- Enables build for all python modules (jsc#PED-68, jsc#PED-1988)
The following package changes have been done:
- rpm-ndb-4.14.3-150400.59.3.1 updated
- go1.21-doc-1.21.3-150000.1.12.1 updated
- go1.21-1.21.3-150000.1.12.1 updated
- go1.21-race-1.21.3-150000.1.12.1 updated
- container:sles15-image-15.0.0-36.5.43 updated
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2023:3447-1
Container Tags : bci/golang:1.21 , bci/golang:1.21-1.4.13 , bci/golang:latest , bci/golang:stable , bci/golang:stable-1.4.13
Container Release : 4.13
Severity : important
Type : security
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!