OPENSUSE-SU-2021:2392-1

Advisory lineage Upstream: 1 Downstream: 0

Upstream

CVE-2021-34558

Published: 19 Jul 2021, 06:50

Last modified:04 Feb 2026, 02:54

Vulnerability Summary

Overall Risk (default)

minimal

0/100

CVSS Score

No data

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

19 Jul 2021, 06:50

Published

Vulnerability first disclosed

04 Feb 2026, 02:54

Last Modified

Vulnerability information updated

Description

Security update for go1.16 This update for go1.16 fixes the following issues: go1.16.6 (released 2021-07-12, bsc#1182345) includes a security fix to the crypto/tls package, as well as bug fixes to the compiler, and the net and net/http packages. Security issue fixed: CVE-2021-34558: Fixed crypto/tls: clients can panic when provided a certificate of the wrong type for the negotiated parameters (bsc#1188229) go1.16 release: * bsc#1188229 go#47143 CVE-2021-34558 * go#47145 security: fix CVE-2021-34558 * go#46999 net: LookupMX behaviour broken * go#46981 net: TestCVE202133195 fails if /etc/resolv.conf specifies ndots larger than 3 * go#46769 syscall: TestGroupCleanupUserNamespace test failure on Fedora * go#46657 runtime: deeply nested struct initialized with non-zero values * go#44984 net/http: server not setting Content-Length in certain cases

Affected Systems

opensuse•go1.16&distro=openSUSE Leap 15.3
< 1.16.6-1.20.1

OPENSUSE-SU-2021:2392-1

Vulnerability Summary

Timeline

Description

Affected Systems

References (4)