File _patchinfo of Package patchinfo.10930

<patchinfo incident="10930">
  <issue tracker="bnc" id="1146111"></issue>
  <issue tracker="bnc" id="1146115"></issue>
  <issue tracker="bnc" id="1139210">go1.12 - doesn't install /usr/lib64/go/1.12/misc/wasm/wasm_exec.js and others</issue>
  <issue tracker="bnc" id="1141689">go1.12 release tracking</issue>
  <issue tracker="bnc" id="1146123"></issue>
  <issue tracker="cve" id="2019-9514"/>
  <issue tracker="cve" id="2019-14809"/>
  <issue tracker="cve" id="2019-9512"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>jfkw</packager>
  <description>This update for go1.12 fixes the following issues:

Security issues fixed:

- CVE-2019-9512: Fixed HTTP/2 flood using PING frames that results in unbounded memory growth (bsc#1146111).
- CVE-2019-9514: Fixed HTTP/2 implementation that is vulnerable to a reset flood, potentially leading to a denial of service (bsc#1146115).
- CVE-2019-14809: Fixed malformed hosts in URLs that leads to authorization bypass (bsc#1146123).

Bugfixes:

- Update to go version 1.12.9 (bsc#1141689).
- Adding Web Assembly stuff from misc/wasm (bsc#1139210).

This update was imported from the SUSE:SLE-15:Update update project.</description>
  <summary>Security update for go1.12</summary>
</patchinfo>