File _patchinfo of Package patchinfo.29337

<patchinfo incident="29337">
  <issue tracker="bnc" id="1212076">VUL-0: CVE-2023-29405: go1.19,go1.20: cmd/go: improper sanitization of LDFLAGS</issue>
  <issue tracker="bnc" id="1200441">go1.19 release tracking</issue>
  <issue tracker="bnc" id="1212073">VUL-0: CVE-2023-29402: go1.19,go1.20: cmd/go: cgo code injection</issue>
  <issue tracker="bnc" id="1212074">VUL-0: CVE-2023-29403: go1.19,go1.20: runtime: unexpected behavior of setuid/setgid binaries</issue>
  <issue tracker="bnc" id="1212075">VUL-0: CVE-2023-29404: go1.19,go1.20: cmd/go: improper sanitization of LDFLAGS</issue>
  <issue tracker="cve" id="2023-29402"/>
  <issue tracker="cve" id="2023-29403"/>
  <issue tracker="cve" id="2023-29405"/>
  <issue tracker="cve" id="2023-29404"/>
  <packager>jfkw</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for go1.19-openssl</summary>
  <description>This update for go1.19-openssl fixes the following issues:

Update to go1.19.10 (bsc#1200441):

- CVE-2023-29402: cmd/go: Fixed cgo code injection (bsc#1212073).
- CVE-2023-29403: runtime: Fixed unexpected behavior of setuid/setgid binaries (bsc#1212074).  
- CVE-2023-29404: cmd/go: Fixed improper sanitization of LDFLAGS (bsc#1212075).                
- CVE-2023-29405: cmd/go: Fixed improper sanitization of LDFLAGS (bsc#1212076).
</description>
</patchinfo>