Updated golang packages fix security vulnerability
Publication date: 15 Apr 2020Modification date: 15 Apr 2020
Type: security
Affected Mageia releases : 7
CVE: CVE-2020-7919
Description
Updated golang packages fix security vulnerability: An integer overflow vulnerability was found in the Go crypto/x509 and golang.org/x/crypto/cryptobyte libraries on 32-bit architectures. A remote attacker could exploit this by supplying a crafted x.509 certificate, or other ASN.1 structure, as either a client or server to crash vulnerable Go applications (CVE-2020-7919).
References
SRPMS
7/core
- golang-1.12.17-1.mga7