SUSE: 2023:3785-1 Important: Bci/Golang Container Update
suse
November 21, 2023
The container bci/golang was updated
Summary
Advisory ID: SUSE-OU-2023:2601-1 Released: Wed Jun 21 15:42:34 2023 Summary: Optional update for go1.20-openssl Type: optional Severity: moderate Advisory ID: SUSE-SU-2023:3002-1 Released: Thu Jul 27 12:38:13 2023 Summary: Security update for go1.20-openssl Type: security Severity: moderate Advisory ID: SUSE-SU-2023:3840-1 Released: Wed Sep 27 19:34:42 2023 Summary: Security update for go1.20-openssl
References
References : 1206346 1206346 1206346 1213229 1213880 1215084 1215085 1215090
1215985 1216109 1216943 1216944 CVE-2023-29406 CVE-2023-29409
CVE-2023-39318 CVE-2023-39319 CVE-2023-39323 CVE-2023-39325 CVE-2023-44487
CVE-2023-45283 CVE-2023-45284
This update for go1.20-openssl fixes the following issues:
This update delivers a go1.20 1.20.5.2 package built with its cryptography
using the system openssl library. (jsc#SLE-18320 jsc#PED-1962)
This allows GO binaries built with go1.20-openssl to be operating in FIPS 140-2/3 mode.
1206346,1213229,CVE-2023-29406
This update for go1.20-openssl fixes the following issues:
Update to version 1.20.6.1 (bsc#1206346):
- CVE-2023-29406: Fixed insufficient sanitization of Host header (bsc#1213229).
PREVIOUS
NEXT
Severity
important
Lowest
Low
Medium
High
Critical
Container Advisory ID : SUSE-CU-2023:3785-1
Container Tags : bci/golang:1.20-openssl , bci/golang:1.20-openssl-8.2 , bci/golang:oldstable-openssl , bci/golang:oldstable-openssl-8.2
Container Release : 8.2
Severity : important
Type : security
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!