Go: Multiple Vulnerabilities

Go: Multiple Vulnerabilities Multiple vulnerabilities have been found in Go, the worst of which could result in remote code execution. go 2022-08-04 2022-08-04 754210 766216 775326 788640 794784 802054 806659 807049 816912 821859 828655 833156 834635 838130 843644 849290 857822 862822 remote 1.18.5 1.18.5

Go is an open source programming language that makes it easy to build simple, reliable, and efficient software.

Multiple vulnerabilities have been discovered in Go. Please review the CVE identifiers referenced below for details.

Please review the referenced CVE identifiers for details.

There is no known workaround at this time.

All Go users should upgrade to the latest version:


          # emerge --sync
          # emerge --ask --oneshot --verbose ">=dev-lang/go-1.18.5"

In addition, users using Portage 3.0.9 or later should ensure that packages with Go binaries have no vulnerable code statically linked into their binaries by rebuilding the @golang-rebuild set:


          # emerge --ask --oneshot --verbose @golang-rebuild

CVE-2020-28366 CVE-2020-28367 CVE-2021-27918 CVE-2021-27919 CVE-2021-29923 CVE-2021-3114 CVE-2021-3115 CVE-2021-31525 CVE-2021-33195 CVE-2021-33196 CVE-2021-33197 CVE-2021-33198 CVE-2021-34558 CVE-2021-36221 CVE-2021-38297 CVE-2021-41771 CVE-2021-41772 CVE-2021-44716 CVE-2021-44717 CVE-2022-1705 CVE-2022-23772 CVE-2022-23773 CVE-2022-23806 CVE-2022-24675 CVE-2022-24921 CVE-2022-27536 CVE-2022-28131 CVE-2022-28327 CVE-2022-29526 CVE-2022-30629 CVE-2022-30630 CVE-2022-30631 CVE-2022-30632 CVE-2022-30633 CVE-2022-30635 CVE-2022-32148 CVE-2022-32189 ajak ajak