What is the severity of RHSA-2019:2682?

The severity of RHSA-2019:2682 is classified as important.

How do I fix RHSA-2019:2682?

To fix RHSA-2019:2682, update your Go Toolset to version 1.11-1.11.13-1.el7 or later.

What vulnerabilities are addressed by RHSA-2019:2682?

RHSA-2019:2682 addresses vulnerabilities related to unbounded memory growth in HTTP/2 PING and HEADERS frames.

Which software packages are affected by RHSA-2019:2682?

The affected packages include various versions of the Go Toolset, specifically those below version 1.11-1.11.13-1.el7.

Is there any workaround for RHSA-2019:2682?

There are no specific workarounds mentioned for RHSA-2019:2682; updating the software is recommended.

Vulnerability/
RHSA-2019:2682

9/9/2019

RHSA-2019:2682: Important: go-toolset-1.11 and go-toolset-1.11-golang security update

First published: Mon Sep 09 2019(Updated: )

Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang.<br>Security Fix(es):<br><li> HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)</li> <li> HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Software	Affected Version	How to fix
redhat/go-toolset	<1.11-1.11.13-1.el7	1.11-1.11.13-1.el7
redhat/go-toolset	<1.11-golang-1.11.13-2.el7	1.11-golang-1.11.13-2.el7
redhat/go-toolset	<1.11-1.11.13-1.el7	1.11-1.11.13-1.el7
redhat/go-toolset	<1.11-build-1.11.13-1.el7	1.11-build-1.11.13-1.el7
redhat/go-toolset	<1.11-golang-1.11.13-2.el7	1.11-golang-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-bin-1.11.13-2.el7	1.11-golang-bin-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-docs-1.11.13-2.el7	1.11-golang-docs-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-misc-1.11.13-2.el7	1.11-golang-misc-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-race-1.11.13-2.el7	1.11-golang-race-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-src-1.11.13-2.el7	1.11-golang-src-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-tests-1.11.13-2.el7	1.11-golang-tests-1.11.13-2.el7
redhat/go-toolset	<1.11-runtime-1.11.13-1.el7	1.11-runtime-1.11.13-1.el7
redhat/go-toolset	<1.11-scldevel-1.11.13-1.el7	1.11-scldevel-1.11.13-1.el7
redhat/go-toolset	<1.11-build-1.11.13-1.el7	1.11-build-1.11.13-1.el7
redhat/go-toolset	<1.11-golang-bin-1.11.13-2.el7	1.11-golang-bin-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-misc-1.11.13-2.el7	1.11-golang-misc-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-src-1.11.13-2.el7	1.11-golang-src-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-tests-1.11.13-2.el7	1.11-golang-tests-1.11.13-2.el7
redhat/go-toolset	<1.11-runtime-1.11.13-1.el7	1.11-runtime-1.11.13-1.el7
redhat/go-toolset	<1.11-scldevel-1.11.13-1.el7	1.11-scldevel-1.11.13-1.el7
redhat/go-toolset	<1.11-1.11.13-1.el7	1.11-1.11.13-1.el7
redhat/go-toolset	<1.11-build-1.11.13-1.el7	1.11-build-1.11.13-1.el7
redhat/go-toolset	<1.11-golang-1.11.13-2.el7	1.11-golang-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-bin-1.11.13-2.el7	1.11-golang-bin-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-misc-1.11.13-2.el7	1.11-golang-misc-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-src-1.11.13-2.el7	1.11-golang-src-1.11.13-2.el7
redhat/go-toolset	<1.11-golang-tests-1.11.13-2.el7	1.11-golang-tests-1.11.13-2.el7
redhat/go-toolset	<1.11-runtime-1.11.13-1.el7	1.11-runtime-1.11.13-1.el7
redhat/go-toolset	<1.11-scldevel-1.11.13-1.el7	1.11-scldevel-1.11.13-1.el7
redhat/go-toolset	<1.11-1.11.13-1.el7.aa	1.11-1.11.13-1.el7.aa
redhat/go-toolset	<1.11-build-1.11.13-1.el7.aa	1.11-build-1.11.13-1.el7.aa
redhat/go-toolset	<1.11-golang-1.11.13-2.el7.aa	1.11-golang-1.11.13-2.el7.aa
redhat/go-toolset	<1.11-golang-bin-1.11.13-2.el7.aa	1.11-golang-bin-1.11.13-2.el7.aa
redhat/go-toolset	<1.11-golang-misc-1.11.13-2.el7.aa	1.11-golang-misc-1.11.13-2.el7.aa
redhat/go-toolset	<1.11-golang-src-1.11.13-2.el7.aa	1.11-golang-src-1.11.13-2.el7.aa
redhat/go-toolset	<1.11-golang-tests-1.11.13-2.el7.aa	1.11-golang-tests-1.11.13-2.el7.aa
redhat/go-toolset	<1.11-runtime-1.11.13-1.el7.aa	1.11-runtime-1.11.13-1.el7.aa
redhat/go-toolset	<1.11-scldevel-1.11.13-1.el7.aa	1.11-scldevel-1.11.13-1.el7.aa

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2019:2682?
The severity of RHSA-2019:2682 is classified as important.
How do I fix RHSA-2019:2682?
To fix RHSA-2019:2682, update your Go Toolset to version 1.11-1.11.13-1.el7 or later.
What vulnerabilities are addressed by RHSA-2019:2682?
RHSA-2019:2682 addresses vulnerabilities related to unbounded memory growth in HTTP/2 PING and HEADERS frames.
Which software packages are affected by RHSA-2019:2682?
The affected packages include various versions of the Go Toolset, specifically those below version 1.11-1.11.13-1.el7.
Is there any workaround for RHSA-2019:2682?
There are no specific workarounds mentioned for RHSA-2019:2682; updating the software is recommended.

agent/description
agent/event
agent/first-publish-date
agent/last-modified-date
agent/references
agent/remedy
agent/severity
agent/softwarecombine
agent/tags
agent/title
agent/type
collector/redhat-errata
source/Red Hat
anchor-id/RHSA-2019:2682
agent/software-canonical-lookup
package-manager/redhat

RHSA-2019:2682: Important: go-toolset-1.11 and go-toolset-1.11-golang security update

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of RHSA-2019:2682?

How do I fix RHSA-2019:2682?

What vulnerabilities are addressed by RHSA-2019:2682?

Which software packages are affected by RHSA-2019:2682?

Is there any workaround for RHSA-2019:2682?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of RHSA-2019:2682?

How do I fix RHSA-2019:2682?

What vulnerabilities are addressed by RHSA-2019:2682?

Which software packages are affected by RHSA-2019:2682?

Is there any workaround for RHSA-2019:2682?