Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2017-8932

Golang: Elliptic curves carry propagation issue in x86-64 P-256. A carry propagation flaw was found in the implementation of the P-256 elliptic curve in golang. An attacker could use this flaw to extract private keys when static ECDH is used. (CVE-2017-8932)

Source

ALAS-2017-857

Amazon Linux AMI Security Advisory: ALAS-2017-857
Advisory Release Date: 2017-07-13 19:37 Pacific
Advisory Updated Date: 2017-07-14 23:19 Pacific

Severity: Medium

References: CVE-2017-8932

Issue Overview:

Golang: Elliptic curves carry propagation issue in x86-64 P-256. A carry propagation flaw was found in the implementation of the P-256 elliptic curve in golang. An attacker could use this flaw to extract private keys when static ECDH is used. (CVE-2017-8932)

Affected Packages:

golang

Issue Correction:
Run yum update golang to update your system.

New Packages:

i686:
    golang-1.7.5-2.39.amzn1.i686
    golang-bin-1.7.5-2.39.amzn1.i686

noarch:
    golang-tests-1.7.5-2.39.amzn1.noarch
    golang-src-1.7.5-2.39.amzn1.noarch
    golang-misc-1.7.5-2.39.amzn1.noarch
    golang-docs-1.7.5-2.39.amzn1.noarch

src:
    golang-1.7.5-2.39.amzn1.src

x86_64:
    golang-bin-1.7.5-2.39.amzn1.x86_64
    golang-1.7.5-2.39.amzn1.x86_64

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

ALAS-2017-857

ALAS-2017-857

Vulmon Search

About

Products

Connect