{"affected":[{"ecosystem_specific":{"binaries":[{"go1.19":"1.19.10-150000.1.34.1","go1.19-doc":"1.19.10-150000.1.34.1","go1.19-race":"1.19.10-150000.1.34.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP4","name":"go1.19","purl":"pkg:rpm/suse/go1.19&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.10-150000.1.34.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"go1.19":"1.19.10-150000.1.34.1","go1.19-doc":"1.19.10-150000.1.34.1","go1.19-race":"1.19.10-150000.1.34.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Development Tools 15 SP5","name":"go1.19","purl":"pkg:rpm/suse/go1.19&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Development%20Tools%2015%20SP5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.10-150000.1.34.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"go1.19":"1.19.10-150000.1.34.1","go1.19-doc":"1.19.10-150000.1.34.1","go1.19-race":"1.19.10-150000.1.34.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Real Time 15 SP3","name":"go1.19","purl":"pkg:rpm/suse/go1.19&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.10-150000.1.34.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"go1.19":"1.19.10-150000.1.34.1","go1.19-doc":"1.19.10-150000.1.34.1","go1.19-race":"1.19.10-150000.1.34.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.4","name":"go1.19","purl":"pkg:rpm/opensuse/go1.19&distro=openSUSE%20Leap%2015.4"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.10-150000.1.34.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"go1.19":"1.19.10-150000.1.34.1","go1.19-doc":"1.19.10-150000.1.34.1","go1.19-race":"1.19.10-150000.1.34.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.5","name":"go1.19","purl":"pkg:rpm/opensuse/go1.19&distro=openSUSE%20Leap%2015.5"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.19.10-150000.1.34.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for go1.19 fixes the following issues:\n\nUpdate to go1.19.10 (bsc#1200441):\n\n- CVE-2023-29402: cmd/go: Fixed cgo code injection (bsc#1212073).                                                                                                                              \n- CVE-2023-29403: runtime: Fixed unexpected behavior of setuid/setgid binaries (bsc#1212074).                                                                                                  \n- CVE-2023-29404: cmd/go: Fixed improper sanitization of LDFLAGS (bsc#1212075).                                                                                                                \n- CVE-2023-29405: cmd/go: Fixed improper sanitization of LDFLAGS (bsc#1212076).                                                                                                                \n","id":"SUSE-SU-2023:2525-1","modified":"2023-06-16T15:33:08Z","published":"2023-06-16T15:33:08Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2023/suse-su-20232525-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1200441"},{"type":"REPORT","url":"https://bugzilla.suse.com/1212073"},{"type":"REPORT","url":"https://bugzilla.suse.com/1212074"},{"type":"REPORT","url":"https://bugzilla.suse.com/1212075"},{"type":"REPORT","url":"https://bugzilla.suse.com/1212076"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-29402"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-29403"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-29404"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2023-29405"}],"related":["CVE-2023-29402","CVE-2023-29403","CVE-2023-29404","CVE-2023-29405"],"summary":"Security update for go1.19","upstream":["CVE-2023-29402","CVE-2023-29403","CVE-2023-29404","CVE-2023-29405"]}