Download
| Alert*
oval:org.secpod.oval:def:2108552
Oracle Solaris 11 - ( CVE-2023-45289 ) oval:org.secpod.oval:def:3302457 Security update for go1.22 oval:org.secpod.oval:def:89051622 This update for go1.21 fixes the following issues: * Upgrade go to version 1.21.8 * CVE-2023-45289: net/http, net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirect * CVE-2023-45290: net/http: memory exhaustion in Request.ParseMultipartForm * CVE-2024-24783: cry ... oval:org.secpod.oval:def:5800237 The golang packages provide the Go programming language compiler. Security Fix: * golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads * golang: net/http: memory exhaustion in Request.ParseMultipartForm * golang: net/http/cookiejar: incorrect forwarding of sensitive hea ... oval:org.secpod.oval:def:509304 The golang packages provide the Go programming language compiler. Security Fix: golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads golang: net/ http: memory exhaustion in Request.ParseMultipartForm golang: net/http/cookiejar: incorrect forwarding of sensitive headers ... oval:org.secpod.oval:def:509388 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Security Fix: golang: net/http, x/net/http2: unlimited number of CONTINUATION frames causes DoS golang: net/http/cookiejar: incorrect forwarding of sensitive headers and cookies on HTTP redirec ... oval:org.secpod.oval:def:19500715 An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no mem ... oval:org.secpod.oval:def:1507500 [1.21.9-2] - Rebuilt for z-stream - Related: RHEL-24312 - Related: RHEL-28940 [1.21.9-1] - Fix CVE-2024-1394 - Fix CVE-2023-45288 - Resolves RHEL-24312 - Resolves RHEL-28940 [1.21.7-1] - Rebase to Go 1.21.7 - Set GOTOOLCHAIN to local - Resolves: RHEL-24334 - Resolves: RHEL-18364 - Resolves: RHEL-183 ... oval:org.secpod.oval:def:1507561 delve golang [1.21.9-1] - Fix CVE-2023-45288 - Resolves: RHEL-31915 go-toolset [1.21.9-1] - Fix CVE-2023-45288 - Resolves: RHEL-31915 oval:org.secpod.oval:def:2501448 Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. oval:org.secpod.oval:def:2600604 The golang packages provide the Go programming language compiler. oval:org.secpod.oval:def:1702297 An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no mem ... |