This script is Copyright (C) 2016 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
This update for go fixes the following issues :
- CVE-2015-5739: 'Content Length' treated as valid header
- CVE-2015-5740: Double content-length headers does not
return 400 error
- CVE-2015-5741: Additional hardening, not sending
Content-Length w/Transfer-Encoding, Closing connections
Go was updated to 1.4.3 with the following additional changes :
- build: remove -Werror from cmd/dist
- runtime: panic when accessing an empty struct value
appended to an uninitialized slice
- runtime: garbage collector found invalid heap pointer
iterating over map
See also :
Update the affected go packages.
Risk factor :