{"affected":[{"ecosystem_specific":{"binaries":[{"go":"1.9.4-15.1","go-doc":"1.9.4-15.1","go-race":"1.9.4-15.1","go1.9":"1.9.4-5.1","go1.9-doc":"1.9.4-5.1","go1.9-race":"1.9.4-5.1"}]},"package":{"ecosystem":"SUSE:Package Hub 12","name":"go","purl":"pkg:rpm/suse/go&distro=SUSE%20Package%20Hub%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.9.4-15.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"go":"1.9.4-15.1","go-doc":"1.9.4-15.1","go-race":"1.9.4-15.1","go1.9":"1.9.4-5.1","go1.9-doc":"1.9.4-5.1","go1.9-race":"1.9.4-5.1"}]},"package":{"ecosystem":"SUSE:Package Hub 12","name":"go1.9","purl":"pkg:rpm/suse/go1.9&distro=SUSE%20Package%20Hub%2012"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.9.4-5.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for go fixes the following issues:\n\nSecurity issues fix in version 1.9.4:\n\n- CVE-2018-6574: 'go get' remote command execution during source code build (bsc#1080006).\n\nBug fixes:\n\n- bsc#1082409: Review dependencies (requires, recommends and supports).\n\nThis update was imported from the SUSE:SLE-12:Update update project.","id":"openSUSE-SU-2018:0588-1","modified":"2018-03-02T15:17:34Z","published":"2018-03-02T15:17:34Z","references":[{"type":"ADVISORY","url":null},{"type":"REPORT","url":"https://bugzilla.suse.com/1080006"},{"type":"REPORT","url":"https://bugzilla.suse.com/1082409"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2018-6574"}],"related":["CVE-2018-6574"],"summary":"Security update for go","upstream":["CVE-2018-6574"]}