{"id":"MGASA-2016-0207","summary":"Updated golang package fixes CVE-2016-3959","details":"Updated golang packages fix security vulnerability:\n\nGo has an infinite loop in several big integer routines that makes\nGo programs vulnerable to remote denial of service attacks. Programs\nusing HTTPS client authentication or the Go ssh server libraries are\nboth exposed to this vulnerability (CVE-2016-3959).\n","modified":"2026-01-30T11:54:49.932114Z","published":"2016-05-23T22:00:58Z","related":["CVE-2016-3959"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0207.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=18482"},{"type":"REPORT","url":"https://lists.opensuse.org/opensuse-updates/2016-05/msg00077.html"}],"affected":[{"package":{"name":"golang","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/golang?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.6.2-7.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0207.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}