openSUSE Security Update : go (openSUSE-2016-606)

Medium Nessus Plugin ID 91276


The remote openSUSE host is missing a security update.


This go update to version 1.6 fixes the following issues :

Security issues fixed :

- CVE-2016-3959: Infinite loop in several big integer routines (boo#974232)

- CVE-2015-8618: Carry propagation in Int.Exp Montgomery code in math/big library (boo#960151)

Bugs fixed :

- Update to version 1.6 :

- On Linux on little-endian 64-bit PowerPC (linux/ppc64le), Go 1.6 now supports cgo with external linking and is roughly feature complete.

- Vendoring support

- HTTP2 transparent support

- fix gc and gccgo incompatibility regarding embedded unexported struct types containing exported fields

- Linux on 64-bit MIPS and Android on 32-bit x86

- enforced rules for sharing Go pointers with C

- new mechanism for template reuse

- performance improvements ... and more! see more in

- Updated to version 1.5.2: This release includes bug fixes to the compiler, linker, and the mime/multipart, net, and runtime packages.

- Updated to version 1.5.1: 	This release includes bug fixes to the go command, the compiler, assembler, and the fmt, net/textproto, net/http, and runtime packages.

- Update to version 1.5 :

- see

- install shared stdlib on x86_64

- add go.gdbinit for debug friendly

- Adapt to Leap

- use gcc5-go than go1.4 is the proper requirement for Leap


Update the affected go packages.

See Also

Plugin Details

Severity: Medium

ID: 91276

File Name: openSUSE-2016-606.nasl

Version: $Revision: 2.2 $

Type: local

Agent: unix

Published: 2016/05/20

Modified: 2016/10/13

Dependencies: 12634

Risk Information

Risk Factor: Medium


Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N


Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:novell:opensuse:go, p-cpe:/a:novell:opensuse:go-debuginfo, p-cpe:/a:novell:opensuse:go-debugsource, cpe:/o:novell:opensuse:42.1

Required KB Items: Host/local_checks_enabled, Host/SuSE/release, Host/SuSE/rpm-list, Host/cpu

Patch Publication Date: 2016/05/18

Reference Information

CVE: CVE-2015-8618, CVE-2016-3959