File _patchinfo of Package patchinfo.18712
<patchinfo incident="18712">
<issue tracker="cve" id="2021-27919"/>
<issue tracker="cve" id="2021-27918"/>
<issue tracker="bnc" id="1182345">go1.16 release tracking</issue>
<issue tracker="bnc" id="1183334">VUL-0: CVE-2021-27919: go1.16: go: archive/zip: can panic when calling Reader.Open</issue>
<issue tracker="bnc" id="1183333">VUL-0: CVE-2021-27918: go1.15,go1.16: go: encoding/xml: infinite loop when using `xml.NewTokenDecoder` with a custom `TokenReader`</issue>
<packager>jfkw</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for go1.16</summary>
<description>This update for go1.16 fixes the following issues:
- go1.16.2 (released 2021-03-11) (bsc#1182345)
- go1.16.1 (released 2021-03-10) (bsc#1182345)
- CVE-2021-27918: Fixed an infinite loop when using xml.NewTokenDecoder with a custom TokenReader (bsc#1183333).
- CVE-2021-27919: Fixed an issue where archive/zip: can panic when calling Reader.Open (bsc#1183334).
</description>
</patchinfo>