Go 1.18.7 and 1.19.2 have been released on October 4, fixing security issues: https://groups.google.com/g/golang-announce/c/xtuG5faxtaU Fedora has issued an advisory for this today (October 14): https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/SWGSHGPO6S5363G5FSISXYXICE3YJRKU/ Mageia 8 is also affected.
Whiteboard: (none) => MGA8TOOStatus comment: (none) => Fixed upstream in 1.18.7 and 1.19.2
1.19.2 on its way for cauldron
CC: (none) => bruno
1.18.7 on its way for mag8 in updates_testing. SRPMS/golang-1.18.7-1.mga8.src.rpm RPMS/noarch/golang-docs-1.18.7-1.mga8.noarch.rpm RPMS/noarch/golang-misc-1.18.7-1.mga8.noarch.rpm RPMS/x86_64/golang-1.18.7-1.mga8.x86_64.rpm RPMS/noarch/golang-tests-1.18.7-1.mga8.noarch.rpm RPMS/noarch/golang-src-1.18.7-1.mga8.noarch.rpm RPMS/x86_64/golang-race-1.18.7-1.mga8.x86_64.rpm RPMS/x86_64/golang-shared-1.18.7-1.mga8.x86_64.rpm RPMS/x86_64/golang-bin-1.18.7-1.mga8.x86_64.rpm
Version: Cauldron => 8Whiteboard: MGA8TOO => (none)Status: NEW => ASSIGNEDStatus comment: Fixed upstream in 1.18.7 and 1.19.2 => (none)Assignee: bruno => qa-bugs
mga8, x86_64 Noted the new package golang-race. Smooth update. Successful local build of the current docker packages.
CC: (none) => tarazed25Whiteboard: (none) => MGA8-64-OK
Validating
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
Fedora advisory with all three CVEs: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/THKJHFMX4DAZXJ5MFPN3BNHZDN7BW5RI/
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0377.html
Resolution: (none) => FIXEDStatus: ASSIGNED => RESOLVED