Security update for go1.16 SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2021:4169-1 Final 1 1 2021-12-23T08:53:15Z current 2021-12-23T08:53:15Z 2021-12-23T08:53:15Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for go1.16 This update for go1.16 fixes the following issues: Updated to upstream version 1.16.12 to include security fixes to the compiler, syscall, runtime, the net/http, net/http/httptest, and time packages (bsc#1182345) - CVE-2021-44717: syscall: don't close fd 0 on ForkExec error (bsc#1193598). - CVE-2021-44716: net/http: limit growth of header canonicalization cache (bsc#1193597). The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Container bci/golang:1.16-2021-4169,Container trento/trento-runner:latest-2021-4169,SUSE-2021-4169,SUSE-SLE-Module-Development-Tools-15-SP2-2021-4169,SUSE-SLE-Module-Development-Tools-15-SP3-2021-4169,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2021-4169,SUSE-SLE-Product-HPC-15-SP2-LTSS-2021-4169,SUSE-SLE-Product-SLES-15-SP2-BCL-2021-4169,SUSE-SLE-Product-SLES-15-SP2-LTSS-2021-4169,SUSE-SLE-Product-SLES_SAP-15-SP2-2021-4169,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2021-4169,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2021-4169,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2021-4169,SUSE-Storage-7-2021-4169 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2021/suse-su-20214169-1/ Link for SUSE-SU-2021:4169-1 https://lists.suse.com/pipermail/sle-security-updates/2021-December/009938.html E-Mail link for SUSE-SU-2021:4169-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1182345 SUSE Bug 1182345 https://bugzilla.suse.com/1193597 SUSE Bug 1193597 https://bugzilla.suse.com/1193598 SUSE Bug 1193598 https://www.suse.com/security/cve/CVE-2021-44716/ SUSE CVE CVE-2021-44716 page https://www.suse.com/security/cve/CVE-2021-44717/ SUSE CVE CVE-2021-44717 page Container bci/golang:1.16 Container trento/trento-runner:latest SUSE Enterprise Storage 7 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS SUSE Linux Enterprise Module for Development Tools 15 SP2 SUSE Linux Enterprise Module for Development Tools 15 SP3 SUSE Linux Enterprise Server 15 SP2-BCL SUSE Linux Enterprise Server 15 SP2-LTSS SUSE Linux Enterprise Server for SAP Applications 15 SP2 SUSE Manager Proxy 4.1 SUSE Manager Retail Branch Server 4.1 SUSE Manager Server 4.1 go1.16-1.16.12-1.37.2 go1.16-doc-1.16.12-1.37.2 go1.16-race-1.16.12-1.37.2 go1.16-1.16.12-1.37.2 as a component of Container bci/golang:1.16 go1.16-1.16.12-1.37.2 as a component of Container trento/trento-runner:latest go1.16-1.16.12-1.37.2 as a component of SUSE Enterprise Storage 7 go1.16-doc-1.16.12-1.37.2 as a component of SUSE Enterprise Storage 7 go1.16-race-1.16.12-1.37.2 as a component of SUSE Enterprise Storage 7 go1.16-1.16.12-1.37.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS go1.16-doc-1.16.12-1.37.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS go1.16-race-1.16.12-1.37.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS go1.16-1.16.12-1.37.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS go1.16-doc-1.16.12-1.37.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS go1.16-race-1.16.12-1.37.2 as a component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS go1.16-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Module for Development Tools 15 SP2 go1.16-doc-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Module for Development Tools 15 SP2 go1.16-race-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Module for Development Tools 15 SP2 go1.16-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Module for Development Tools 15 SP3 go1.16-doc-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Module for Development Tools 15 SP3 go1.16-race-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Module for Development Tools 15 SP3 go1.16-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Server 15 SP2-BCL go1.16-doc-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Server 15 SP2-BCL go1.16-race-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Server 15 SP2-BCL go1.16-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS go1.16-doc-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS go1.16-race-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Server 15 SP2-LTSS go1.16-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 go1.16-doc-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 go1.16-race-1.16.12-1.37.2 as a component of SUSE Linux Enterprise Server for SAP Applications 15 SP2 go1.16-1.16.12-1.37.2 as a component of SUSE Manager Proxy 4.1 go1.16-doc-1.16.12-1.37.2 as a component of SUSE Manager Proxy 4.1 go1.16-race-1.16.12-1.37.2 as a component of SUSE Manager Proxy 4.1 go1.16-1.16.12-1.37.2 as a component of SUSE Manager Retail Branch Server 4.1 go1.16-doc-1.16.12-1.37.2 as a component of SUSE Manager Retail Branch Server 4.1 go1.16-race-1.16.12-1.37.2 as a component of SUSE Manager Retail Branch Server 4.1 go1.16-1.16.12-1.37.2 as a component of SUSE Manager Server 4.1 go1.16-doc-1.16.12-1.37.2 as a component of SUSE Manager Server 4.1 go1.16-race-1.16.12-1.37.2 as a component of SUSE Manager Server 4.1 net/http in Go before 1.16.12 and 1.17.x before 1.17.5 allows uncontrolled memory consumption in the header canonicalization cache via HTTP/2 requests. CVE-2021-44716 Container bci/golang:1.16:go1.16-1.16.12-1.37.2 Container trento/trento-runner:latest:go1.16-1.16.12-1.37.2 SUSE Enterprise Storage 7:go1.16-1.16.12-1.37.2 SUSE Enterprise Storage 7:go1.16-doc-1.16.12-1.37.2 SUSE Enterprise Storage 7:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-BCL:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-BCL:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-BCL:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-LTSS:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-LTSS:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-LTSS:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Server for SAP Applications 15 SP2:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Server for SAP Applications 15 SP2:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Server for SAP Applications 15 SP2:go1.16-race-1.16.12-1.37.2 SUSE Manager Proxy 4.1:go1.16-1.16.12-1.37.2 SUSE Manager Proxy 4.1:go1.16-doc-1.16.12-1.37.2 SUSE Manager Proxy 4.1:go1.16-race-1.16.12-1.37.2 SUSE Manager Retail Branch Server 4.1:go1.16-1.16.12-1.37.2 SUSE Manager Retail Branch Server 4.1:go1.16-doc-1.16.12-1.37.2 SUSE Manager Retail Branch Server 4.1:go1.16-race-1.16.12-1.37.2 SUSE Manager Server 4.1:go1.16-1.16.12-1.37.2 SUSE Manager Server 4.1:go1.16-doc-1.16.12-1.37.2 SUSE Manager Server 4.1:go1.16-race-1.16.12-1.37.2 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20214169-1/ https://www.suse.com/security/cve/CVE-2021-44716.html CVE-2021-44716 https://bugzilla.suse.com/1193597 SUSE Bug 1193597 Go before 1.16.12 and 1.17.x before 1.17.5 on UNIX allows write operations to an unintended file or unintended network connection as a consequence of erroneous closing of file descriptor 0 after file-descriptor exhaustion. CVE-2021-44717 Container bci/golang:1.16:go1.16-1.16.12-1.37.2 Container trento/trento-runner:latest:go1.16-1.16.12-1.37.2 SUSE Enterprise Storage 7:go1.16-1.16.12-1.37.2 SUSE Enterprise Storage 7:go1.16-doc-1.16.12-1.37.2 SUSE Enterprise Storage 7:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP2:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Module for Development Tools 15 SP3:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-BCL:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-BCL:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-BCL:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-LTSS:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-LTSS:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Server 15 SP2-LTSS:go1.16-race-1.16.12-1.37.2 SUSE Linux Enterprise Server for SAP Applications 15 SP2:go1.16-1.16.12-1.37.2 SUSE Linux Enterprise Server for SAP Applications 15 SP2:go1.16-doc-1.16.12-1.37.2 SUSE Linux Enterprise Server for SAP Applications 15 SP2:go1.16-race-1.16.12-1.37.2 SUSE Manager Proxy 4.1:go1.16-1.16.12-1.37.2 SUSE Manager Proxy 4.1:go1.16-doc-1.16.12-1.37.2 SUSE Manager Proxy 4.1:go1.16-race-1.16.12-1.37.2 SUSE Manager Retail Branch Server 4.1:go1.16-1.16.12-1.37.2 SUSE Manager Retail Branch Server 4.1:go1.16-doc-1.16.12-1.37.2 SUSE Manager Retail Branch Server 4.1:go1.16-race-1.16.12-1.37.2 SUSE Manager Server 4.1:go1.16-1.16.12-1.37.2 SUSE Manager Server 4.1:go1.16-doc-1.16.12-1.37.2 SUSE Manager Server 4.1:go1.16-race-1.16.12-1.37.2 moderate 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2021/suse-su-20214169-1/ https://www.suse.com/security/cve/CVE-2021-44717.html CVE-2021-44717 https://bugzilla.suse.com/1193598 SUSE Bug 1193598