Advisories » MGASA-2023-0349

Updated golang packages fix security vulnerabilities

Publication date: 17 Dec 2023
Modification date: 17 Dec 2023
Type: security
Affected Mageia releases : 8 , 9
CVE: CVE-2023-39326 , CVE-2023-45283 , CVE-2023-45285

Description

Update to upstream golang 1.21.5 to fix CVE2023-39326 and
CVE-2023-4528[35]
In Mageia 8, this update also allows build nodes to build docker stack
                

References

• https://bugs.mageia.org/show_bug.cgi?id=32622
• https://www.openwall.com/lists/oss-security/2023/12/05/2
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-39326
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45283
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45285

SRPMS

8/core

• golang-1.21.5-1.mga8

9/core

• golang-1.21.5-1.mga9