Overview

File _patchinfo of Package patchinfo.17902

<patchinfo incident="17902">
  <issue tracker="cve" id="2021-3114"/>
  <issue tracker="cve" id="2021-3115"/>
  <issue tracker="bnc" id="1181145">VUL-0: CVE-2021-3114: go1.15,go1.14: go: crypto/elliptic: incorrect operations on the P-224 curve</issue>
  <issue tracker="bnc" id="1175132">go1.15 release tracking</issue>
  <issue tracker="bnc" id="1181146">VUL-0: CVE-2021-3115: go1.15,go1.14: go: cmd/go: packages using cgo can cause arbitrary code execution at build time</issue>
  <packager>jfkw</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for go1.15</summary>
  <description>This update for go1.15 fixes the following issues:

Go was updated to version 1.15.7 (bsc#1175132).

Security issues fixed:

- CVE-2021-3114: Fixed incorrect operations on the P-224 curve in crypto/elliptic (bsc#1181145).
- CVE-2021-3115: Fixed a potential arbitrary code execution in the build process (bsc#1181146).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places