FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

go -- multiple vulnerabilities

Affected packages
go < 1.17.3,1


VuXML ID 930def19-3e05-11ec-9ba8-002324b2fba8
Discovery 2021-11-04
Entry 2021-11-05

The Go project reports:

debug/macho fails out when loading a file that contains a dynamic symbol table command that indicates a larger number of symbols than exist in the loaded symbol table.

Previously, opening a zip with (*Reader).Open could result in a panic if the zip contained a file whose name was exclusively made up of slash characters or ".." path elements. Open could also panic if passed the empty string directly as an argument.


CVE Name CVE-2021-41771
CVE Name CVE-2021-41772