Scientific Linux Security Update : golang on SL7.x (noarch)
High Nessus Plugin ID 109448
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionThe following packages have been upgraded to a later upstream version:
Security Fix(es) :
- golang: arbitrary code execution during 'go get' or 'go get -d' (CVE-2017-15041)
- golang: smtp.PlainAuth susceptible to man-in-the-middle password harvesting (CVE-2017-15042)
- golang: arbitrary code execution during 'go get' via C compiler options (CVE-2018-6574)
Additional Changes :
SolutionUpdate the affected packages.