Overview

File _patchinfo of Package patchinfo.18712

<patchinfo incident="18712">
  <issue tracker="cve" id="2021-27919"/>
  <issue tracker="cve" id="2021-27918"/>
  <issue tracker="bnc" id="1182345">go1.16 release tracking</issue>
  <issue tracker="bnc" id="1183334">VUL-0: CVE-2021-27919: go1.16: go: archive/zip: can panic when calling Reader.Open</issue>
  <issue tracker="bnc" id="1183333">VUL-0: CVE-2021-27918: go1.15,go1.16: go: encoding/xml: infinite loop when using `xml.NewTokenDecoder` with a custom `TokenReader`</issue>
  <packager>jfkw</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for go1.16</summary>
  <description>This update for go1.16 fixes the following issues:

- go1.16.2 (released 2021-03-11) (bsc#1182345) 
- go1.16.1 (released 2021-03-10) (bsc#1182345) 
  - CVE-2021-27918: Fixed an infinite loop when using xml.NewTokenDecoder with a custom TokenReader (bsc#1183333).
  - CVE-2021-27919: Fixed an issue where archive/zip: can panic when calling Reader.Open (bsc#1183334).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places