Scientific Linux Security Update : golang on
Medium Nessus Plugin ID 102643
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionThe following packages have been upgraded to a later upstream version:
Security Fix(es) :
- A carry propagation flaw was found in the implementation of the P-256 elliptic curve in golang. An attacker could possibly use this flaw to extract private keys when static ECDH was used. (CVE-2017-8932)
SolutionUpdate the affected packages.