Overview

File _patchinfo of Package patchinfo.23539

<patchinfo incident="23539">
  <issue tracker="bnc" id="1183043">go compilers need binutils-gold on aarch64 (and armv7)</issue>
  <issue tracker="bnc" id="1196732">VUL-0: CVE-2022-24921: go1.17,go1.16: regexp: stack overflow (process exit) handling deeply nested regexp</issue>
  <issue tracker="bnc" id="1190649">go1.17 release tracking</issue>
  <issue tracker="cve" id="2022-24921"/>
  <packager>jfkw</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for go1.17</summary>
  <description>This update for go1.17 fixes the following issues:

Update to version 1.17.8 (bsc#1190649):
  - CVE-2022-24921: Fixed a potential denial of service via large regular
    expressions (bsc#1196732).

Non-security fixes:
  - Fixed an issue with v2 modules (go#51332).
  - Fixed an issue when building source in riscv64 (go#51199).
  - Increased compatibility for the DNS protocol in the net module (go#51162).
  - Fixed an issue with histograms in the runtime/metrics module (go#50734).
  - Fixed an issue when parsing x509 certificates (go#51000).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places