[security] Go 1.22.3 and Go 1.21.10 are releasedCVE-2024-24787: On Darwin

咕 Billchen 咕 |

[security] Go 1.22.3 and Go 1.21.10 are released

CVE-2024-24787: On Darwin, building a Go module which contains CGO can trigger arbitrary code execution when using the Apple version of ld, due to usage of the -lto_library flag in a "#cgo LDFLAGS" directive.
CVE-2024-24788: A malformed DNS message in response to a query can cause the Lookup functions to get stuck in an infinite loop.

https://groups.google.com/g/golang-announce/c/wkkO4P9stm0

www.tg-me.com/hk/咕 Billchen 咕 | 咕咕咕咕咕？/com.billchenla/19346

902 viewsbillchenchina | Nya!, May 8 at 17:47

tg-me.com/billchenla/19346

Create: 2024-05-08
Last Update: 2024-06-17 05:17:22

BY 咕 Billchen 咕 |

Warning: Undefined variable $i in /var/www/tg-me/post.php on line 280

Share with your friend now:
tg-me.com/billchenla/19346

咕 Billchen 咕 | 咕咕咕咕咕？ Telegram | DID YOU KNOW?

Why Telegram?

[security] Go 1.22.3 and Go 1.21.10 are releasedCVE-2024-24787: On Darwin