Overview

File _patchinfo of Package patchinfo.20359

<patchinfo incident="20359">
  <issue tracker="cve" id="2021-34558"/>
  <issue tracker="bnc" id="1188229">VUL-0: CVE-2021-34558: go1.16,go1.15: go: crypto/tls: clients can panic when provided a certificate of the wrong type for the negotiated parameters</issue>
  <issue tracker="bnc" id="1175132">go1.15 release tracking</issue>
  <packager>jfkw</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for go1.15</summary>
  <description>This update for go1.15 fixes the following issues:

- go1.15.14 (released 2021-07-12) includes a security fix to the
  crypto/tls package, as well as bug fixes to the linker, and the
  net package.
  CVE-2021-34558
  Refs bsc#1175132 go1.15 release tracking
  * bsc#1188229 go#47143 CVE-2021-34558
  * go#47144 security: fix CVE-2021-34558
  * go#47012 net: LookupMX behaviour broken
  * go#46994 net: TestCVE202133195 fails if /etc/resolv.conf specifies ndots larger than 3
  * go#46768 syscall: TestGroupCleanupUserNamespace test failure on Fedora
  * go#46684 x/build/cmd/release: linux-armv6l release tests aren't passing
  * go#46656 runtime: deeply nested struct initialized with non-zero values

- Fix extraneous trailing percent character %endif% in spec file.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places