File _patchinfo of Package patchinfo.29306

<patchinfo incident="29306">
  <issue tracker="bnc" id="1200441">go1.19 release tracking</issue>
  <issue tracker="bnc" id="1212076">VUL-0: CVE-2023-29405: go1.19,go1.20: cmd/go: improper sanitization of LDFLAGS</issue>
  <issue tracker="bnc" id="1212075">VUL-0: CVE-2023-29404: go1.19,go1.20: cmd/go: improper sanitization of LDFLAGS</issue>
  <issue tracker="bnc" id="1212073">VUL-0: CVE-2023-29402: go1.19,go1.20: cmd/go: cgo code injection</issue>
  <issue tracker="bnc" id="1212074">VUL-0: CVE-2023-29403: go1.19,go1.20: runtime: unexpected behavior of setuid/setgid binaries</issue>
  <issue tracker="cve" id="2023-29402"/>
  <issue tracker="cve" id="2023-29404"/>
  <issue tracker="cve" id="2023-29403"/>
  <issue tracker="cve" id="2023-29405"/>
  <packager>jfkw</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for go1.19</summary>
  <description>This update for go1.19 fixes the following issues:

Update to go1.19.10 (bsc#1200441):

- CVE-2023-29402: cmd/go: Fixed cgo code injection (bsc#1212073).                                                                                                                              
- CVE-2023-29403: runtime: Fixed unexpected behavior of setuid/setgid binaries (bsc#1212074).                                                                                                  
- CVE-2023-29404: cmd/go: Fixed improper sanitization of LDFLAGS (bsc#1212075).                                                                                                                
- CVE-2023-29405: cmd/go: Fixed improper sanitization of LDFLAGS (bsc#1212076).                                                                                                                
</description>
</patchinfo>