CESA-2018:0878 -- centos 7 golangID: oval:org.secpod.oval:def:204795 | Date: (C)2018-05-25 (M)2022-10-10 |
Class: PATCH | Family: unix |
The golang packages provide the Go programming language compiler. The following packages have been upgraded to a later upstream version: golang . Security Fix: * golang: arbitrary code execution during "go get" or "go get -d" * golang: smtp.PlainAuth susceptible to man-in-the-middle password harvesting * golang: arbitrary code execution during "go get" via C compiler options For more details about the security issue, including the impact, a CVSS score, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.