RLSA-2023:0446 --- golangID: oval:org.secpod.oval:def:4501209 | Date: (C)2023-03-13 (M)2024-02-26 |
Class: PATCH | Family: unix |
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: * golang: archive/tar: unbounded memory consumption when reading headers * golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters * golang: regexp/syntax: limit memory used by parsing regexps For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * Internal linking fails on ppc64le * crypto testcases fail on golang on s390x [Rocky Linux-8]
Product: |
golang |
delve |
go-toolset |