Multiple vulnerabilities have been found in Go, the worst of which may result in the execution of arbitrary commands.
Package | dev-lang/go on all architectures |
---|---|
Affected versions | < 1.9.1 |
Unaffected versions | >= 1.9.1 |
Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.
Multiple vulnerabilities have been discovered in Go. Please review the references below for details.
Remote attackers could execute arbitrary Go commands or conduct a man in the middle attack.
There is no known workaround at this time.
All Go users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=dev-lang/go-1.9.1"
Release date
October 23, 2017
Latest revision
October 23, 2017: 1
Severity
normal
Exploitable
remote
Bugzilla entries