Amazon Linux 1 Security Advisory: ALAS-2021-1538
Advisory Release Date: 2021-09-30 19:24 Pacific
Advisory Updated Date: 2021-10-04 22:19 Pacific
A race condition flaw was found in Go. The incoming requests body weren't closed after the handler panic and as a consequence this could lead to ReverseProxy crash. The highest threat from this vulnerability is to Availability. (CVE-2021-36221)
Affected Packages:
golang
Issue Correction:
Run yum update golang to update your system.
i686:
golang-1.15.15-1.71.amzn1.i686
golang-bin-1.15.15-1.71.amzn1.i686
noarch:
golang-docs-1.15.15-1.71.amzn1.noarch
golang-tests-1.15.15-1.71.amzn1.noarch
golang-misc-1.15.15-1.71.amzn1.noarch
golang-src-1.15.15-1.71.amzn1.noarch
src:
golang-1.15.15-1.71.amzn1.src
x86_64:
golang-race-1.15.15-1.71.amzn1.x86_64
golang-1.15.15-1.71.amzn1.x86_64
golang-bin-1.15.15-1.71.amzn1.x86_64