Overview

File _patchinfo of Package patchinfo.17901

<patchinfo incident="17901">
  <issue tracker="cve" id="2021-3115"/>
  <issue tracker="cve" id="2021-3114"/>
  <issue tracker="bnc" id="1181145">VUL-0: CVE-2021-3114: go1.15,go1.14: go: crypto/elliptic: incorrect operations on the P-224 curve</issue>
  <issue tracker="bnc" id="1164903">go1.14 release tracking</issue>
  <issue tracker="bnc" id="1181146">VUL-0: CVE-2021-3115: go1.15,go1.14: go: cmd/go: packages using cgo can cause arbitrary code execution at build time</issue>
  <packager>jfkw</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for go1.14</summary>
  <description>This update for go1.14 fixes the following issues:

Go was updated to version 1.14.14 (bsc#1164903).

Security issues fixed:

- CVE-2021-3114: Fixed incorrect operations on the P-224 curve in crypto/elliptic (bsc#1181145).
- CVE-2021-3115: Fixed a potential arbitrary code execution in the build process (bsc#1181146).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places