go-toolset:rhel8 security and bug fix update
エラータID: AXSA:2022-3717:01
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.
Security Fix(es):
* golang: encoding/pem: fix stack overflow in Decode (CVE-2022-24675)
* golang: crypto/elliptic: panic caused by oversized scalar (CVE-2022-28327)
* golang: syscall: faccessat checks wrong group (CVE-2022-29526)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* Update to Go 1.17.10
CVE-2022-24675
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.
CVE-2022-28327
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
CVE-2022-29526
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
Modularity name: go-toolset
Stream name: rhel8
Update packages.
encoding/pem in Go before 1.17.9 and 1.18.x before 1.18.1 has a Decode stack overflow via a large amount of PEM data.
The generic P-256 feature in crypto/elliptic in Go before 1.17.9 and 1.18.x before 1.18.1 allows a panic via long scalar input.
Go before 1.17.10 and 1.18.x before 1.18.2 has Incorrect Privilege Assignment. When called with a non-zero flags parameter, the Faccessat function could incorrectly report that a file is accessible.
N/A
SRPMS
- delve-1.7.2-1.module+el8+1493+f5bc6c0d.src.rpm
MD5: 29b9efbce0627677db6f25691b2f385f
SHA-256: 72ee8811a145433d02d0968a2ecb2b40acc289b690cc49a85730fe0317f0c59c
Size: 8.10 MB - golang-1.17.10-1.module+el8+1493+f5bc6c0d.src.rpm
MD5: 5cfbdcaf72af6f44f6d22555c40a8cf7
SHA-256: e98192a7fa0ac263d8752d54ec9c531c43a2575ac7d00fbec9e2a1d6b51ed3d4
Size: 21.01 MB - go-toolset-1.17.10-1.module+el8+1493+f5bc6c0d.src.rpm
MD5: bb782382cfeec18395f1b5f46612868c
SHA-256: 961c582224a6bfd8259e64fccd4f561314e940fdf3cbec69bb61783a221cbdd2
Size: 13.49 kB
Asianux Server 8 for x86_64
- delve-1.7.2-1.module+el8+1493+f5bc6c0d.x86_64.rpm
MD5: 78e5e58898252bd5ed005c0263504af3
SHA-256: 7c577ea0c87f5aff281406616a09c6cd3b0ea1266cec25d387a9f0052f68bd07
Size: 3.70 MB - delve-debugsource-1.7.2-1.module+el8+1493+f5bc6c0d.x86_64.rpm
MD5: 345c37e9304f014a95fa754880ed2f45
SHA-256: bbce42fc027ff9519813df77272f0e684cc208dcbbba7adafc9149cae0bb6f51
Size: 827.49 kB - golang-1.17.10-1.module+el8+1493+f5bc6c0d.x86_64.rpm
MD5: f48fcca82a9b3c06876a367a4546138c
SHA-256: 0f7ca657720751614b0aea5c9c8e49ae478f5fd957feac355de280cb3843d3b7
Size: 690.19 kB - golang-bin-1.17.10-1.module+el8+1493+f5bc6c0d.x86_64.rpm
MD5: a48b3c4b54bd88e6361a727aebfdaff8
SHA-256: be0e7e70e02b1e3899d6ec340ee55d55889888777733b8cb0fa66c52532ff0e8
Size: 98.57 MB - golang-docs-1.17.10-1.module+el8+1493+f5bc6c0d.noarch.rpm
MD5: 2144eb4d832302a07f6f95f417a884fb
SHA-256: 7a4761d2fdbb813a73e8c6ffb6a75a24b3980972c34cfb8908714ebb04cd468f
Size: 112.06 kB - golang-misc-1.17.10-1.module+el8+1493+f5bc6c0d.noarch.rpm
MD5: 874427e0aa461faf38470f5b7b3991fc
SHA-256: 412c5c497d3a6b2381e3e47c60e0215968b794dfe4023320f289fc45990cb7b4
Size: 839.69 kB - golang-race-1.17.10-1.module+el8+1493+f5bc6c0d.x86_64.rpm
MD5: 11574d1d14fd567d50c88afc1ab193fb
SHA-256: d8ab7bf5d0e78f8c1d9f0d48153e210e421401653c59e777c28bb5a0c0c97d63
Size: 19.24 MB - golang-src-1.17.10-1.module+el8+1493+f5bc6c0d.noarch.rpm
MD5: 78b25a66e527e2dadeb6dca90edcbcda
SHA-256: 25148b3b0d403b52975799060946257f2f0fc84ba38ebdd3ee16e813bdc21525
Size: 8.97 MB - golang-tests-1.17.10-1.module+el8+1493+f5bc6c0d.noarch.rpm
MD5: d08ab77c08f2fca24db514f8726c0d53
SHA-256: 9f18bdb29cb0c37b85944230e89f8d3edd3fd0edfe9bd8791af56c449b63374d
Size: 7.44 MB - go-toolset-1.17.10-1.module+el8+1493+f5bc6c0d.x86_64.rpm
MD5: 970fa2702f347d76b752190173589057
SHA-256: 5529a2dbe98b939e1b2e679a88e3ce1aa529d66bb381b9edf35a1388ad6265c4
Size: 11.81 kB
日本語