Explore top 10 tips to secure your open-source projects now. Read More
×
Several security issues were fixed in Go.
Software Description:
- golang-1.18: Go programming language compiler - metapackage
Details:
Philippe Antoine discovered that Go incorrectly handled crafted HTTP/2
streams. An attacker could possibly use this issue to cause a denial of
service. (CVE-2022-41723)
Marten Seemann discovered that Go did not properly manage memory under
certain circumstances. An attacker could possibly use this issue to cause
a panic resulting in a denial of service. (CVE-2022-41724)
Ameya Darshan and Jakob Ackermann discovered that Go did not properly
validate the amount of memory and disk files ReadForm can consume. An
attacker could possibly use this issue to cause a panic resulting in a
denial of service. (CVE-2022-41725)
Hunter Wittenborn discovered that Go incorrectly handled the sanitization
of environment variables. An attacker could possibly use this issue to run
arbitrary commands. (CVE-2023-24531)
Jakob Ackermann discove...
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS
golang-1.18 1.18.1-1ubuntu1.2
golang-1.18-go 1.18.1-1ubuntu1.2
golang-1.18-src 1.18.1-1ubuntu1.2
Ubuntu 20.04 LTS
golang-1.18 1.18.1-1ubuntu1~20.04.3
golang-1.18-go 1.18.1-1ubuntu1~20.04.3
golang-1.18-src 1.18.1-1ubuntu1~20.04.3
Ubuntu 18.04 LTS
golang-1.18 1.18.1-1ubuntu1~18.04.4+esm1
Available with Ubuntu Pro
golang-1.18-go 1.18.1-1ubuntu1~18.04.4+esm1
Available with Ubuntu Pro
golang-1.18-src 1.18.1-1ubuntu1~18.04.4+esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
golang-1.18 1.18.1-1ubuntu1~16.04.6+esm1
Available with Ubuntu Pro
golang-1.18-go 1.18.1-1ubuntu1~16.04.6+esm1
Available with Ubuntu Pro
golang-1.18-src 1.18.1-1ubuntu1~16.04.6+esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.https://ubuntu.com/security/notices/USN-7109-1
CVE-2022-41723, CVE-2022-41724, CVE-2022-41725, CVE-2023-24531,
CVE-2023-24536, CVE-2023-29402, CVE-2023-29403, CVE-2023-29404,
CVE-2023-29405, CVE-2023-29406, CVE-2023-39318, CVE-2023-39319,
CVE-2023-39323, CVE-2023-39325, CVE-2023-45288, CVE-2023-45290,
CVE-2024-24783, CVE-2024-24784, CVE-2024-24785, CVE-2024-24789,
CVE-2024-24790, CVE-2024-24791, CVE-2024-34155, CVE-2024-34156,
CVE-2024-34158
Get the latest Linux and open source security news straight to your inbox.