
SUSE Linux 15 Moderate Update: Go1.21-OpenSSL Security Issues Fix

suse
November 16, 2023
This update fixes multiple security issues in go1.21-openssl across several SUSE platforms.

Summary

This update for go1.21-openssl fixes the following issues:

Update to version 1.21.4.1 cut from the go1.21-openssl-fips branch at the revision tagged go1.21.4-1-openssl-fips.

* Update to go1.21.4

go1.21.4 (released 2023-11-07) includes security fixes to the path/filepath package, as well as bug fixes to the linker, the runtime, the compiler, and the go/types, net/http, and runtime/cgo packages.

* security: fix CVE-2023-45283 CVE-2023-45284 path/filepath: insecure parsing of Windows paths (bsc#1216943, bsc#1216944)
* spec: update unification rules
* cmd/compile: internal compiler error: expected struct value to have type struct
* cmd/link: split text sections for arm 32-bit
* runtime: MADV_COLLAPSE causes production performance issues on Linux

References

* bsc#1212475

* bsc#1212667

* bsc#1212669

* bsc#1215084

* bsc#1215085

* bsc#1215086

* bsc#1215087

* bsc#1215090

* bsc#1215985

* bsc#1216109

* bsc#1216943

* bsc#1216944

* jsc#SLE-18320

Cross-

* CVE-2023-39318

* CVE-2023-39319

* CVE-2023-39320

* CVE-2023-39321

* CVE-2023-39322

* CVE-2023-39323

* CVE-2023-39325

* CVE-2023-44487

* CVE-2023-45283

* CVE-2023-45284

CVSS scores:

* CVE-2023-39318 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

* CVE-2023-39318 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

* CVE-2023-39319 ( SUSE ): 6.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N

* CVE-2023-39319 ( NVD ): 6.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

* CVE-2023-39320 ( SUSE ): 7.7 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Announcement ID: SUSE-SU-2023:4469-1
Rating: moderate
