SUSE: 2024:0936-1 Important: Go Memory Issues and Security Fixes

suse

March 22, 2024

* bsc#1218424 * bsc#1219988 * bsc#1220999 * bsc#1221000 * bsc#1221001

Summary

## This update for go1.22 fixes the following issues: * go1.22.1 (released 2024-03-05) includes security fixes to the crypto/x509, html/template, net/http, net/http/cookiejar, and net/mail packages, as well as bug fixes to the compiler, the go command, the runtime, the trace command, and the go/types and net/http packages. (bsc#1218424) CVE-2023-45289 CVE-2023-45290 CVE-2024-24783 CVE-2024-24784 CVE-2024-24785 * go#65831 go#65390 bsc#1220999 security: fix CVE-2024-24783 crypto/x509: Verify panics on certificates with an unknown public key algorithm * go#65849 go#65083 bsc#1221002 security: fix CVE-2024-24784 net/mail: comments in display names are incorrectly handled * go#65850 go#65383 bsc#1221001 security: fix CVE-2023-45290 net/http: memory exhaustion in Request.ParseMultipartForm

Topics Covered

security advisory software update security fix important memory issue suse linux package list

References

* bsc#1218424

* bsc#1219988

* bsc#1220999

* bsc#1221000

* bsc#1221001

* bsc#1221002

* bsc#1221003

Cross-

* CVE-2023-45289

* CVE-2023-45290

* CVE-2024-24783

* CVE-2024-24784

* CVE-2024-24785

CVSS scores:

* CVE-2023-45289 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

* CVE-2023-45290 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-24783 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

* CVE-2024-24784 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

* CVE-2024-24785 ( SUSE ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Affected Products:

* SUSE Linux Enterprise High Performance Computing 12 SP5

* SUSE Linux Enterprise Server 12 SP5

* SUSE Linux Enterprise Server for SAP Applications 12 SP5

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2024:0936-1

Rating: important

Topics Covered

security advisory software update security fix important memory issue suse linux package list

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

SUSE: 2024:0936-1 Important: Go Memory Issues and Security Fixes

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

SUSE: 2024:0936-1 Important: Go Memory Issues and Security Fixes

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!