Overview

File _patchinfo of Package patchinfo.18709

<patchinfo incident="18709">
  <issue tracker="cve" id="2021-27919"/>
  <issue tracker="cve" id="2021-27918"/>
  <issue tracker="bnc" id="1183333">VUL-0: CVE-2021-27918: go1.15,go1.16: go: encoding/xml: infinite loop when using `xml.NewTokenDecoder` with a custom `TokenReader`</issue>
  <issue tracker="bnc" id="1183334">VUL-0: CVE-2021-27919: go1.16: go: archive/zip: can panic when calling Reader.Open</issue>
  <issue tracker="bnc" id="1182345">go1.16 release tracking</issue>
  <packager>jfkw</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for go1.16</summary>
  <description>This update for go1.16 fixes the following issues:

- go1.16.1 was updated to 1.16.1 (bsc#1182345) 
- CVE-2021-27918: Fixed an infinite loop when using xml.NewTokenDecoder with a custom TokenReader (bsc#1183333).
- CVE-2021-27919: Fixed an issue where archive/zip: can panic when calling Reader.Open (bsc#1183334).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places