ELA-600-1 golang security update

Debian 9920 Published 2022-04-29 05:16 by Philipp Esselbach

News

A golang security update has been released for Debian GNU/Linux 8 Extended LTS to address an issue.

ELA-600-1 golang security update

Package golang
Version 2:1.3.3-1+deb8u5
Related CVEs CVE-2022-23806

In the Go programming language, Curve.IsOnCurve in crypto/elliptic can incorrectly return true in situations with a big.Int value that is not a valid field element. Operating on those values may cause a panic or an invalid curve operation.

For Debian 8 jessie, these problems have been fixed in version 2:1.3.3-1+deb8u5.

We recommend that you upgrade your golang packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/
ELA-600-1 golang security update

USN-5395-1: networkd-dispatcher vulnerabilities

How to Upgrade Apache on Debian 11 Bullseye

Community

dhamu
Hello Phil, I have a Linux Tutorial website that curre ...
StephanX
Hi friends, i am new in the Linux universe but i try to ...
Philipp
I would try the XanMod kernel: https://xanmod.org I ...

ELA-600-1 golang security update

Windows

Linux

macOS

Community