Overview

File _patchinfo of Package patchinfo.21702

<patchinfo incident="21702">
  <issue tracker="bnc" id="1182345">go1.16 release tracking</issue>
  <issue tracker="bnc" id="1191468">VUL-0: CVE-2021-38297: go1.15,go1.16,go1.17: misc/wasm, cmd/link: do not let command line args overwrite global data</issue>
  <issue tracker="bnc" id="1192377">VUL-0: CVE-2021-41771: go1.16,go1.17: debug/macho: invalid dynamic symbol table command can cause panic</issue>
  <issue tracker="bnc" id="1192378">VUL-0: CVE-2021-41772: go1.16,go1.17: archive/zip: don't panic on (*Reader).Open</issue>
  <issue tracker="cve" id="2021-38297"/>
  <issue tracker="cve" id="2021-41771"/>
  <issue tracker="cve" id="2021-41772"/>
  <packager>jfkw</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for go1.16</summary>
  <description>This update for go1.16 fixes the following issues:

Security update go1.16.10 (released 2021-11-04) (bsc#1182345).

- CVE-2021-41771: Fixed invalid dynamic symbol table command that could have caused panic (bsc#1192377).
- CVE-2021-41772: Fixed panic on (*Reader).Open (bsc#1192378).
- CVE-2021-38297: Fixed command line args do not overwrite global data (bsc#1191468).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places