RHSA-2021:5176: Important: go-toolset-1.16 and go-toolset-1.16-golang security and bug fix update
Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.<br>Security Fix(es):<br><li> golang: net/<a href="http:" target="blank">http:</a> limit growth of header canonicalization cache (CVE-2021-44716)</li> <li> golang: syscall: don't close fd 0 on ForkExec error (CVE-2021-44717)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> Rebase Go to 1.16.12 [devtools-2021.4.z] (BZ#2031148)</li>
Affected Software
Remediation
Event History
Frequently Asked Questions
What is the severity of RHSA-2021:5176?
The severity of RHSA-2021:5176 is categorized as moderate.
How do I fix RHSA-2021:5176?
To fix RHSA-2021:5176, upgrade to Go Toolset version 1.16-1.16.12-1.el7_9.
What vulnerabilities are addressed in RHSA-2021:5176?
RHSA-2021:5176 addresses vulnerabilities related to the header canonicalization cache in the Go programming language.
Which systems are affected by RHSA-2021:5176?
RHSA-2021:5176 affects systems running version 1.16 of the Go Toolset on Red Hat Enterprise Linux.
When was RHSA-2021:5176 released?
RHSA-2021:5176 was released on December 8, 2021.